CVE-2016-3523

4 documents4 sources

Severity

4.7MEDIUM

EPSS

0.4%

top 39.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle WEB Applications Desktop Integrator

Timeline

PublishedJul 21

Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

▶NVDoracle/web_applications_desktop_integrator4 versions+3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-4rj4-pwww-6m28: Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12↗2022-05-17

▶

CVEList

CVE-2016-3523: Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12↗2016-07-21

▶

💬Community

Bugzilla

CVE-2016-8639 foreman: Stored XSS via organization/location with HTML in name↗2016-11-09

▶