Vulnerability Details : CVE-2016-0696
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 allows remote attackers to affect confidentiality and integrity via vectors related to Console.
Exploit prediction scoring system (EPSS) score for CVE-2016-0696
Probability of exploitation activity in the next 30 days: 0.33%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-0696
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
5.4
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
2.8
|
2.5
|
NIST |
References for CVE-2016-0696
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3Vendor Advisory
-
http://www.securityfocus.com/bid/86443
Oracle Fusion Middleware CVE-2016-0696 Remote Security Vulnerability
-
http://www.securitytracker.com/id/1035615
Oracle WebLogic Server Bugs Let Remote Users Access Data, Modify Data, and Gain Elevated Privileges - SecurityTracker
Products affected by CVE-2016-0696
- cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*