Information Disclosure Vulnerability in Oracle Siebel CRM by Oracle
CVE-2016-3475

4.3MEDIUM

Key Information:

Vendor

Oracle
Status
Knowledge
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3475?

An unspecified vulnerability in the Oracle Knowledge component of Oracle Siebel CRM 8.5.x permits remote authenticated users to impact confidentiality. This issue arises from certain vectors associated with the Information Manager Console, potentially exposing sensitive information and increasing the risk of unauthorized data access. Organizations using this product should assess their security posture and implement necessary mitigations to safeguard against potential exploitation.

References

http://www.securitytracker.com/id/1036400
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.