Local User Vulnerability in Oracle Database Server 11.2.0.4 and 12.1.0.2
CVE-2016-5498

3.3LOW

Key Information:

Vendor
Oracle
Status
Database Server
Vendor
CVE Published:
25 October 2016

Summary

An unspecified vulnerability exists within the RDBMS Security component of Oracle Database Server, affecting versions 11.2.0.4 and 12.1.0.2. This flaw enables local users to potentially compromise the confidentiality of data through unknown vectors, distinct from similar vulnerabilities. Users of affected versions are advised to implement security measures as outlined in Oracle’s security advisory.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037035
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/93620
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.