| Vulnerability Name: | CVE-2016-5621 (CCN-118058) | ||||||||||||
| Assigned: | 2016-10-18 | ||||||||||||
| Published: | 2016-10-18 | ||||||||||||
| Updated: | 2017-07-29 | ||||||||||||
| Summary: | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603. | ||||||||||||
| CVSS v3 Severity: | 4.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) 3.8 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-200 CWE-284 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-5621 Source: CCN Type: Oracle CPUOct2016 Oracle Critical Patch Update Advisory - October 2016 Source: CONFIRM Type: Patch, Vendor Advisory http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Source: BID Type: UNKNOWN 93633 Source: SECTRACK Type: UNKNOWN 1037049 Source: XF Type: UNKNOWN oracle-cpuoct2016-cve20165621(118058) | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||