CVE-2016-5497Improper Access Control in Oracle Database

CWE-284Improper Access Control3 documents3 sources
Severity
6.4MEDIUMNVD
EPSS
0.1%
top 84.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Database
Timeline
PublishedOct 25
Latest updateMay 17

Description

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.5 | Impact: 5.9

Affected Packages1 packages

NVDoracle/database12.1.0.2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-ccc2-gr5g-xr73: Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 122022-05-17
CVEList
CVE-2016-5497: Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 122016-10-25
CVE-2016-5497 — Improper Access Control in Oracle | cvebase