CVE-2016-5599

CWE-284 — Improper Access Control3 documents3 sources

Severity

9.1CRITICAL

EPSS

0.2%

top 53.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Advanced Supply Chain Planning

Timeline

PublishedOct 25

Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

▶NVDoracle/advanced_supply_chain_planning12.2.3, 12.2.4, 12.2.5+2

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-487v-49wh-p479: Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12↗2022-05-17

▶

CVEList

CVE-2016-5599: Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12↗2016-10-25

▶