CVE-2016-3516

Опубликовано: 21 июл. 2016

Источник: nvd

CVSS3: 3.1

CVSS2: 4

EPSS Низкий

Описание

Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability than CVE-2016-3514.

Ссылки

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/91787
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/91858
http://www.securitytracker.com/id/1036401
http://www.synacktiv.com/ressources/oracle_sbc_verb_tampering.pdf
Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/91787
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/91858
http://www.securitytracker.com/id/1036401
http://www.synacktiv.com/ressources/oracle_sbc_verb_tampering.pdf
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:enterprise_communications_broker:*:*:*:*:*:*:*:*

Версия до 2.0.041 (включая)

EPSS

Процентиль: 42%

0.00198

Низкий

3.1 Low

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-h6wp-7ghp-j99x