CVE-2016-0456Oracle E-business Suite vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 38.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle E-business Suite
Timeline
PublishedJan 21
Latest updateMay 14

Description

Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0457. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a deni

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDoracle/e-business_suite12.1, 12.2+1

🔴Vulnerability Details

2
GHSA
GHSA-q365-px98-c77c: Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 122022-05-14
CVEList
CVE-2016-0456: Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 122016-01-21
CVE-2016-0456 — Oracle E-business Suite vulnerability | cvebase