CVE-2016-0545
published 2016-01-21CVE-2016-0545: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and…
PriorityP275medium6.4CVSS 2.0
AVNACLAuNCPIPAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
2.27%
80.9th percentile
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0551, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | customer_intelligence | — | — |
| oracle | customer_intelligence | — | — |
| oracle | customer_intelligence | — | — |
| oracle | customer_intelligence | — | — |
| oracle | customer_intelligence | — | — |
| oracle | customer_intelligence | — | — |
| oracle | customer_intelligence | — | — |
CVSS provenance
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
vulncheck6.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4jv8-73hw-8vp8: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
ghsa_unreviewed·2022-05-17·CVSS 6.4
CVE-2016-0559 [MEDIUM] GHSA-4jv8-73hw-8vp8: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0551, CVE-2016-0552, and CVE-2016-0560.
GHSA
GHSA-q49m-pc22-jm75: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
ghsa_unreviewed·2022-05-17·CVSS 6.4
CVE-2016-0552 [MEDIUM] GHSA-q49m-pc22-jm75: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0551, CVE-2016-0559, and CVE-2016-0560.
GHSA
GHSA-jj82-8c45-47g9: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
ghsa_unreviewed·2022-05-17·CVSS 6.4
CVE-2016-0545 [MEDIUM] GHSA-jj82-8c45-47g9: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0551, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560.
GHSA
GHSA-h2qv-q3rw-qpj2: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
ghsa_unreviewed·2022-05-17·CVSS 6.4
CVE-2016-0551 [MEDIUM] GHSA-h2qv-q3rw-qpj2: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560.
GHSA
GHSA-2c5f-4533-6cw9: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
ghsa_unreviewed·2022-05-17·CVSS 6.4
CVE-2016-0560 [MEDIUM] GHSA-2c5f-4533-6cw9: Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0551, CVE-2016-0552, and CVE-2016-0559.
VulnCheck
Oracle E-Business Suite Customer Intelligence Remote Security Bypass
vulncheck·2016·CVSS 6.4
CVE-2016-0545 [MEDIUM] Oracle E-Business Suite Customer Intelligence Remote Security Bypass
Oracle E-Business Suite Customer Intelligence Remote Security Bypass
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0551, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560.
Affected: Oracle customer_intelligence
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity/; https://www.secureworks.com/research/gold-melody-profile-
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2016-01-21
Published
Exploited in the wild