8.2
CVE-2016-5482
- EPSS 0.23%
- Veröffentlicht 25.10.2016 14:29:19
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert_us@oracle.com
- Teams Watchlist Login
- Unerledigt Login
Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Commerce Guided Search Version6.2.2
Oracle ≫ Commerce Guided Search Version6.3.0
Oracle ≫ Commerce Guided Search Version6.4.1.2
Oracle ≫ Commerce Guided Search Version6.5.0
Oracle ≫ Commerce Guided Search Version6.5.1
Oracle ≫ Commerce Guided Search Version6.5.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.429 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.2 | 2.8 | 4.7 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.