Unspecified Vulnerability in Oracle Database Server and Retail Products
CVE-2016-3506

8.1HIGH

Key Information:

Vendor

Oracle
Status
Jdbc
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3506?

This unspecified vulnerability within the JDBC component of Oracle Database Server and various Oracle Retail products allows remote attackers to manipulate the systems, potentially compromising the confidentiality, integrity, and availability of data. Impacted products include multiple versions of Oracle Database Server, Retail Xstore Point of Service, Warehouse Management, and other key retail solutions. System administrators should ensure their environments are up-to-date with the latest security patches to mitigate any risks associated with this vulnerability.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.