Skip to main content

Customer Interaction History CVE-2016-5592

HIGH
Improper Access Control (CWE-284)
2016-10-25 secalert_us@oracle.com
8.2
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
8.2 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Oct 25, 2016 - 14:31 cve.org
HIGH 8.2

DescriptionCVE.org

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5595.

AnalysisAI

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-284. Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5595. Affected products include: Oracle Customer Interaction History. Version information: through 12.1.3.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-3442 HIGH
8.2 Jan 27

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interf

CVE-2017-3441 HIGH
8.2 Jan 27

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interf

CVE-2017-3440 HIGH
8.2 Jan 27

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interf

CVE-2016-3512 HIGH
8.2 Jul 21

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2

CVE-2016-5595 HIGH
8.2 Oct 25

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through

CVE-2016-5593 HIGH
8.2 Oct 25

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through

CVE-2016-5591 HIGH
8.2 Oct 25

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through

CVE-2016-5587 HIGH
8.2 Oct 25

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through

CVE-2021-2107 HIGH
8.2 Jan 20

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result).

CVE-2021-2106 HIGH
8.2 Jan 20

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result).

CVE-2021-2105 HIGH
8.2 Jan 20

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result).

CVE-2020-2873 HIGH
8.2 Apr 15

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result).

Share

CVE-2016-5592 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy