What is CVE-2016-5482?

CVE-2016-5482 is a high-severity vulnerability in Oracle Commerce_guided_search, classified under Improper Access Control. CVSS score: 8.2/10. Published 2016-10-25.

How severe is CVE-2016-5482?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Oracle Commerce_guided_search

CVE-2016-5482

Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.

EPSS: 0.014 (69.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N.

Affected products

Oracle Commerce_guided_search — versions 6.2.2, 6.3.0, 6.4.1.2
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

secalert_us@oracle.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
secalert_us@oracle.com (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-5482?: CVE-2016-5482 is a high-severity vulnerability in Oracle Commerce_guided_search, classified under Improper Access Control. CVSS score: 8.2/10. Published 2016-10-25.
How severe is CVE-2016-5482?: High severity. CVSS v3 base score is 8.2 out of 10.