3.5
CVE-2016-5618
- EPSS 0.18%
- Veröffentlicht 25.10.2016 14:31:32
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert_us@oracle.com
- CVE-Watchlists
- Unerledigt
LoginUnspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Data Integrator Version11.1.1.7.0
Oracle ≫ Data Integrator Version11.1.1.9.0
Oracle ≫ Data Integrator Version12.1.2.0.0
Oracle ≫ Data Integrator Version12.1.3.0.0
Oracle ≫ Data Integrator Version12.2.1.0.0
Oracle ≫ Data Integrator Version12.2.1.1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.365 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.1 | 1.6 | 1.4 |
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.