Unspecified Vulnerability in Oracle Agile PLM Affects Supply Chain Products
CVE-2016-3537

6.5MEDIUM

Key Information:

Vendor

Oracle
Status
Agile Product Lifecycle Management Framework
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3537?

An unspecified vulnerability exists in the Oracle Agile PLM component within the Oracle Supply Chain Products Suite versions 9.3.4 and 9.3.5. This issue allows remote authenticated users to potentially compromise file confidentiality through various vectors linked to file folders and attachments. It is important to address this vulnerability to protect sensitive information and maintain secure operations within the supply chain management processes.

References

http://www.securityfocus.com/bid/91984
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036402
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.