Local Confidentiality Vulnerability in Oracle Database Server
CVE-2016-5499

3.3LOW

Key Information:

Vendor

Oracle
Status
Database Server
Vendor
CVE Published:
25 October 2016

What is CVE-2016-5499?

An unspecified vulnerability exists in the RDBMS Security component of Oracle Database Server versions 11.2.0.4 and 12.1.0.2. This flaw allows local users to potentially compromise the confidentiality of data through unknown vectors, impacting the overall security posture of the affected systems. Users are encouraged to review their security measures and apply necessary updates to mitigate potential risks.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93629
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037035
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.