Database Security Vulnerability in Oracle Database Server
CVE-2016-3562

2.4LOW

Key Information:

Vendor
Oracle
Vendor
CVE Published:
25 October 2016

Summary

An unspecified vulnerability exists within the RDBMS Security and SQL*Plus components of Oracle Database Server. This flaw may allow remote administrators to compromise the confidentiality of sensitive information by utilizing specific vectors related to database administration activities. Organizations using affected versions should review their security measures and apply necessary patches as outlined in Oracle's security advisory.

References

CVSS V3.1

Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.