CVE-2016-3562 — Sensitive Information Exposure in Oracle Database Server

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

2.4LOWNVD

EPSS

0.2%

top 52.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Database Server

Timeline

PublishedOct 25

Latest updateMay 17

Description

Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages1 packages

▶NVDoracle/database_server11.2.0.4, 12.1.0.2+1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-fcq2-rfq6-qq7c: Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11↗2022-05-17

▶

CVEList

CVE-2016-3562: Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11↗2016-10-25

▶