Unspecified vulnerability in Oracle Agile PLM component of Oracle Supply Chain Products
CVE-2016-3509

5.4MEDIUM

Key Information:

Vendor

Oracle
Status
Agile Product Lifecycle Management Framework
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3509?

A vulnerability exists in the Oracle Agile PLM component of the Oracle Supply Chain Products Suite versions 9.3.4 and 9.3.5. This issue allows remote authenticated users to potentially compromise the confidentiality and integrity of the system through specific vector attacks involving File Folders and URL Attachments. The implications of this vulnerability can lead to unauthorized access and manipulation of critical data within the Oracle Supply Chain ecosystem.

References

http://www.securityfocus.com/bid/92005
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036402
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.