Skip to main content

Knowledge CVE-2016-3475

MEDIUM
2016-07-21 secalert_us@oracle.com
4.3
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 21, 2016 - 10:12 cve.org
MEDIUM 4.3

DescriptionCVE.org

Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console.

AnalysisAI

Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console. Affected products include: Oracle Knowledge.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-0227 HIGH POC
7.5 May 01

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2

CVE-2019-11358 MEDIUM POC
6.1 Apr 20

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus

CVE-2020-2931 CRITICAL
9.8 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Web Applications - InfoCenter). Rated crit

CVE-2020-2791 CRITICAL
9.8 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated critic

CVE-2017-2097 HIGH
8.8 Apr 28

Cross-site request forgery (CSRF) vulnerability in Knowledge versions prior to v1.7.0 allows remote attackers to hijack

CVE-2016-3476 MEDIUM
6.5 Jul 21

Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect

CVE-2020-2795 MEDIUM
6.3 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium

CVE-2018-8032 MEDIUM
6.1 Aug 02

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/serv

CVE-2020-2932 MEDIUM
5.9 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium

CVE-2020-2524 MEDIUM
5.9 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: InQuira Search). Rated medium severity (CV

CVE-2020-2553 MEDIUM
4.8 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium

CVE-2020-2522 MEDIUM
4.3 Apr 15

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium

Share

CVE-2016-3475 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy