Unspecified Vulnerability in Oracle Enterprise Communications Broker
CVE-2016-3515

7.5HIGH

Key Information:

Vendor
Oracle
Status
Enterprise Communications Broker
Vendor
CVE Published:
21 July 2016

Summary

The Oracle Enterprise Communications Broker component in Oracle Communications Applications prior to version PCz 2.0.0m4p1 contains an unspecified vulnerability that may allow remote attackers to compromise the confidentiality of sensitive information. This vulnerability is exploitable through unknown vectors, emphasizing the need for organizations to ensure that their systems are up-to-date with security patches and to implement robust security measures.

References

http://www.synacktiv.com/ressources/oracle_sbc_logfiles_l...
x_refsource_MISC
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036401
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.