Lucene search

[email protected]CVE-2016-5589

HistoryOct 25, 2016 - 2:31 p.m.

CVE-2016-5589

2016-10-2514:31:00

CWE-284

[email protected]

web.nvd.nist.gov

cve-2016-5589

oracle

crm

technical foundation

e-business suite

vulnerability

nvd

confidentiality

integrity

remote attackers

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

8.1 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

72.1%

JSON

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CPENameOperatorVersion
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.1.3
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.1.2
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.1.1
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.2.3
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.2.5
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.2.6
oracle:customer_relationship_management_technical_foundationoracle customer relationship management technical foundationeq12.2.4

CPE	Name	Operator	Version
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.1.3
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.1.2
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.1.1
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.2.3
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.2.5
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.2.6
oracle:customer_relationship_management_technical_foundation	oracle customer relationship management technical foundation	eq	12.2.4

References

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

www.securityfocus.com/bid/93694

www.securitytracker.com/id/1037038

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

8.1 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

72.1%

JSON

Related for CVE-2016-5589

prion1 cvelist1 nessus1 oracle1