What is CVE-2016-5504?

CVE-2016-5504 is a medium-severity vulnerability in Oracle Agile_product_lifecycle_management_for_process, classified under Information Disclosure. CVSS score: 4.1/10. Published 2016-10-25.

How severe is CVE-2016-5504?

Medium severity. CVSS v3 base score is 4.1 out of 10.

Information disclosure in Oracle Agile_product_lifecycle_management_for_process

CVE-2016-5504

Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Suppli…

Vulnerability class: Information Disclosure

EPSS: 0.003 (22.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.1 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N.

Affected products

Oracle Agile_product_lifecycle_management_for_process — versions 6.1.0.4, 6.1.1.6, 6.2.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

secalert_us@oracle.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
secalert_us@oracle.com (VDB Entry, Third Party Advisory, vdb-entry, Broken Link, x_refsource_BID)

Frequently asked questions

What is CVE-2016-5504?: CVE-2016-5504 is a medium-severity vulnerability in Oracle Agile_product_lifecycle_management_for_process, classified under Information Disclosure. CVSS score: 4.1/10. Published 2016-10-25.
How severe is CVE-2016-5504?: Medium severity. CVSS v3 base score is 4.1 out of 10.