Unspecified Vulnerability in Oracle Agile PLM of Oracle Supply Chain Products
CVE-2016-5526

7.3HIGH

Key Information:

Vendor: Oracle
Status: Agile Product Lifecycle Management Framework
Vendor: CVE Published:; 25 October 2016

What is CVE-2016-5526?

An unspecified vulnerability exists within the Oracle Agile PLM component of the Oracle Supply Chain Products Suite, affecting versions 9.3.4 and 9.3.5. This flaw allows remote attackers to potentially manipulate the confidentiality, integrity, and availability of the affected systems through avenues linked to Apache Tomcat. It is crucial for users of these products to remain vigilant and apply any necessary patches or mitigations provided by Oracle.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/93652

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 25, 2016
Vulnerability Reserved
Jun 16, 2016