Unspecified Vulnerability in Oracle E-Business Suite Affects Confidentiality and Integrity
CVE-2016-5589

8.2HIGH

Key Information:

Vendor
Oracle
Status
Customer Relationship Management Technical Foundation
Vendor
CVE Published:
25 October 2016

Summary

An unspecified vulnerability exists within the Oracle CRM Technical Foundation component of Oracle E-Business Suite, impacting versions 12.1.1 to 12.2.6. This issue allows remote attackers to compromise the confidentiality and integrity of the system through unknown vectors. Organizations using the affected versions should review their security measures and consider applying any relevant updates as detailed in Oracle's security advisory.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037038
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/93694
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.