Vulnerability in Oracle Supply Chain Products Suite Affects Transportation Management
CVE-2016-3490

3LOW

Key Information:

Vendor

Oracle
Status
Transportation Management
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3490?

An unspecified vulnerability exists within the Oracle Transportation Management component of the Oracle Supply Chain Products Suite. This weakness allows remote authenticated users to potentially compromise the confidentiality of sensitive data via certain vectors related to the Database. Oracle has made users aware of the issue and recommends ensuring that the latest security updates and patches are applied to mitigate potential risks.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/92024
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036402
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.