Unspecified Vulnerability in Oracle Supply Chain Products Suite 6.4.1
CVE-2016-3470

7.1HIGH

Key Information:

Vendor

Oracle
Status
Transportation Management
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3470?

An unspecified vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite 6.4.1 allows remote authenticated users to potentially compromise the confidentiality and integrity of the system. This vulnerability can be exploited through vectors associated with the Install feature, raising significant security concerns for organizations reliant on this software for their supply chain management.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/91979
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036402
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-3470 : Unspecified Vulnerability in Oracle Supply Chain Products Suite 6.4.1