Oracle E-Business Suite Vulnerability in Field Service Component
CVE-2016-3466

9.1CRITICAL

Key Information:

Vendor: Oracle
Status: Field Service
Vendor: CVE Published:; 21 April 2016

Summary

An unspecified vulnerability in the Oracle Field Service component of Oracle E-Business Suite versions 12.1.1, 12.1.2, and 12.1.3 poses serious risks by allowing remote attackers to manipulate data integrity and confidentiality via certain vectors related to wireless communication. Organizations using these affected versions should take immediate steps to mitigate potential exploitation and safeguard sensitive information.

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1035603

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 21, 2016
Vulnerability Reserved
Mar 17, 2016