Remote Authentication Flaw in Oracle E-Business Suite Affects Confidentiality
CVE-2016-5596

4.3MEDIUM

Key Information:

Vendor
Oracle
Status
Customer Relationship Management Technical Foundation
Vendor
CVE Published:
25 October 2016

Summary

An unspecified vulnerability exists in the Oracle CRM Technical Foundation component of Oracle E-Business Suite, versions 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6. This vulnerability allows remote authenticated users to impact the confidentiality of the system through unknown vectors, potentially exposing sensitive information and compromising data integrity.

References

http://www.securityfocus.com/bid/93762
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037038
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.