Vulnerability in Oracle E-business_suite

CVE-2016-3524

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configurat…

EPSS: 0.002 (37.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N.

Affected products

References

  • secalert_us@oracle.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
  • 91787 (Third Party Advisory, vdb-entry, x_refsource_BID, Vendor Advisory)
  • 91870 (vdb-entry, x_refsource_BID)
  • 1036403 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-3524?
CVE-2016-3524 is a medium-severity vulnerability in Oracle E-business_suite. CVSS score: 5.4/10. Published 2016-07-21.
How severe is CVE-2016-3524?
Medium severity. CVSS v3 base score is 5.4 out of 10.