Vulnerability Name: CVE-2016-5578 (CCN-117984) Assigned: 2016-10-18 Published: 2016-10-18 Updated: 2017-07-29 Summary: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5558 , CVE-2016-5574 , CVE-2016-5577 , CVE-2016-5579 , and CVE-2016-5588 . CVSS v3 Severity: 8.6 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 7.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): LowAvailibility (A): Low
8.6 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 7.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-284 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2016-5578 Vulnerabilities in Oracle Outside In Technology affect IBM WebSphere Portal (October 2016 CPU) Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation (CVE-2016-5558, CVE-2016-5574, etc) Oracle Critical Patch Update Advisory - October 2016 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html 93714 Oracle Fusion Middleware CVE-2016-5578 Remote Security Vulnerability 1037051 oracle-cpuoct2016-cve20165578(117984) Open Source Oracle Outside In Technology Vulnerabilities in IBM Content Collector for Email Vulnerable Configuration: Configuration 1 :cpe:/a:oracle:outside_in_technology:8.4.0:*:*:*:*:*:*:* OR cpe:/a:oracle:outside_in_technology:8.5.1:*:*:*:*:*:*:* OR cpe:/a:oracle:outside_in_technology:8.5.2:*:*:*:*:*:*:* OR cpe:/a:oracle:outside_in_technology:8.5.3:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:oracle:outside_in_technology:8.4.0:*:*:*:*:*:*:* OR cpe:/a:oracle:outside_in_technology:8.5.1:*:*:*:*:*:*:* OR cpe:/a:oracle:outside_in_technology:8.5.2:*:*:*:*:*:*:* OR cpe:/a:oracle:outside_in_technology:8.5.3:*:*:*:*:*:*:* AND cpe:/a:ibm:websphere_portal:7.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_portal:8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:content_collector:3.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_portal:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_portal:6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:* BACK
oracle outside in technology 8.4.0
oracle outside in technology 8.5.1
oracle outside in technology 8.5.2
oracle outside in technology 8.5.3
oracle outside in technology 8.4.0
oracle outside in technology 8.5.1
oracle outside in technology 8.5.2
oracle outside in technology 8.5.3
ibm websphere portal 7.0
ibm websphere portal 8.0
ibm content collector 3.0.0.0
ibm websphere portal 8.5
ibm websphere portal 6.1
ibm rational doors next generation 6.0.2
Denotes that component is vulnerable