CVE-2016-5456

5 documents5 sources

Severity

5.3MEDIUM

EPSS

0.3%

top 50.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Siebel Core-server Framework

Timeline

PublishedJul 21

Latest updateMay 17

Description

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Services.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages1 packages

▶NVDoracle/siebel_core-server_framework5 versions+4

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-x6q9-rj9h-c62x: Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8↗2022-05-17

▶

CVEList

CVE-2016-5456: Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8↗2016-07-21

▶

📋Vendor Advisories

Red Hat

JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix↗2016-04-14

▶