Database Security Vulnerability in Oracle Database Server
CVE-2016-3562

2.4LOW

Key Information:

Vendor

Oracle
Status
Database Server
Vendor
CVE Published:
25 October 2016

What is CVE-2016-3562?

An unspecified vulnerability exists within the RDBMS Security and SQL*Plus components of Oracle Database Server. This flaw may allow remote administrators to compromise the confidentiality of sensitive information by utilizing specific vectors related to database administration activities. Organizations using affected versions should review their security measures and apply necessary patches as outlined in Oracle's security advisory.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037035
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/93640
vdb-entryx_refsource_BID

CVSS V3.1

Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-3562 : Database Security Vulnerability in Oracle Database Server