Vulnerability in Oracle Data Integrator Component of Oracle Fusion Middleware
CVE-2016-5602

5.7MEDIUM

Key Information:

Vendor
Oracle
Status
Data Integrator
Vendor
CVE Published:
25 October 2016

Summary

An unspecified vulnerability exists in the Oracle Data Integrator component within Oracle Fusion Middleware. This flaw allows remote authenticated users to potentially compromise confidentiality through exploitation of the Code Generation Engine. It affects multiple versions, highlighting the importance of securing data management processes in Oracle's middleware solutions.

References

http://www.securityfocus.com/bid/93741
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037051
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.