Security Flaw in Oracle Agile PLM Affects Oracle Supply Chain Products
CVE-2016-5515

8.8HIGH

Key Information:

Vendor: Oracle
Status: Agile Product Lifecycle Management Framework
Vendor: CVE Published:; 25 October 2016

Summary

An unspecified security flaw exists in the Oracle Agile PLM component of Oracle's Supply Chain Products Suite. This vulnerability allows remote authenticated users to compromise the confidentiality, integrity, and availability of the system through specific attack vectors associated with RMIServlet. Proper security measures and timely patching are recommended to mitigate potential risks.

References

http://www.securityfocus.com/bid/93645

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 25, 2016
Vulnerability Reserved
Jun 16, 2016