CVE-2016-5570
Low
Low
Medium
High
Critical
CVSS Score
Vulnerability Description
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities.
Known Affected Software
4 configuration(s) from 1 vendor(s)
applications_dba
Version:
12.2.6
CPE:
cpe:2.3:a:oracle:applications_dba:12.2.6:*:*:*:*:*:*:*
applications_dba
Version:
12.2.4
CPE:
cpe:2.3:a:oracle:applications_dba:12.2.4:*:*:*:*:*:*:*
applications_dba
Version:
12.2.5
CPE:
cpe:2.3:a:oracle:applications_dba:12.2.5:*:*:*:*:*:*:*
applications_dba
Version:
12.2.3
CPE:
cpe:2.3:a:oracle:applications_dba:12.2.3:*:*:*:*:*:*:*
This vulnerability affects 4 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlsecalert_us@oracle.com Patch Vendor Advisory
-
http://www.securityfocus.com/bid/93750secalert_us@oracle.com
-
http://www.securitytracker.com/id/1037038secalert_us@oracle.com
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlaf854a3a-2127-422b-91ae-364da2661108 Patch Vendor Advisory
-
http://www.securityfocus.com/bid/93750af854a3a-2127-422b-91ae-364da2661108
-
http://www.securitytracker.com/id/1037038af854a3a-2127-422b-91ae-364da2661108
Severity Details
out of 10.0
Low
Weakness Type (CWE)
CWE-284
Improper Access Control
- Description
- The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
- Typical Severity
- Medium
- Abstraction Level
- Pillar
Key Information
- Published Date
- October 25, 2016
