CVE-2016-5601

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.

Published: Oct 25, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-5601
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.3
AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N

CVSS v2:

Severity: Low
Score: 3.3
AV:L/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
oracle / weblogic_server	12.2.1.0.0	12.2.1.0.0.x
oracle / weblogic_server	12.1.3.0.0	12.1.3.0.0.x
oracle / weblogic_server	12.2.1.1.0	12.2.1.1.0.x

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.securityfocus.com/bid/93704
http://www.securitytracker.com/id/1037052

Vulnerability Database

CVE-2016-5601