Unspecified Vulnerability in Oracle E-Business Suite Affected Remote Administration
CVE-2016-3520

4.9MEDIUM

Key Information:

Vendor

Oracle
Status
E-business Suite
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3520?

An unspecified vulnerability in the Oracle Application Object Library component of the Oracle E-Business Suite allows remote administrators to potentially compromise confidentiality by exploiting related vectors during AOL Diagnostic tests. This flaw emphasizes the importance of securing administrative functionalities in enterprise software environments.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/91896
vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.