Remote Access Vulnerability in Oracle HTTP Server - Oracle Fusion Middleware
CVE-2016-3482
3.7LOW
Summary
The Oracle HTTP Server component within Oracle Fusion Middleware versions 11.1.1.9 and 12.1.3.0 contains a vulnerability that allows remote attackers to potentially impact the confidentiality of affected systems. This vulnerability is associated with the SSL/TLS module, exposing sensitive information through improper handling of SSL/TLS connections. As a result, unauthorized entities may exploit this issue to gain access to confidential data.
References
CVSS V3.1
Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved