Oracle Advanced Supply Chain Planning Vulnerability in Oracle Supply Chain Products Suite
CVE-2016-5599

9.1CRITICAL

Key Information:

Vendor: Oracle
Status: Advanced Supply Chain Planning
Vendor: CVE Published:; 25 October 2016

What is CVE-2016-5599?

A security vulnerability exists within the Oracle Advanced Supply Chain Planning component of Oracle Supply Chain Products Suite versions 12.2.3 to 12.2.5. This flaw could allow remote attackers to compromise the confidentiality and integrity of the affected systems through specific vectors associated with MscObieeSrvlt. Organizations using these versions should consider applying available patches and reviewing their security measures.

References

http://www.securityfocus.com/bid/93619

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 25, 2016
Vulnerability Reserved
Jun 16, 2016