Remote Access Vulnerability in Oracle HTTP Server - Oracle Fusion Middleware
CVE-2016-3482

3.7LOW

Key Information:

Vendor
Oracle
Vendor
CVE Published:
21 July 2016

Summary

The Oracle HTTP Server component within Oracle Fusion Middleware versions 11.1.1.9 and 12.1.3.0 contains a vulnerability that allows remote attackers to potentially impact the confidentiality of affected systems. This vulnerability is associated with the SSL/TLS module, exposing sensitive information through improper handling of SSL/TLS connections. As a result, unauthorized entities may exploit this issue to gain access to confidential data.

References

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.