Vulnerability Details : CVE-2016-3561
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SDK.
Exploit prediction scoring system (EPSS) score for CVE-2016-3561
Probability of exploitation activity in the next 30 days: 0.18%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 54 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-3561
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
|
7.3
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
3.9
|
3.4
|
NIST |
References for CVE-2016-3561
-
http://www.securityfocus.com/bid/91787
Oracle July 2016 Critical Patch Update Multiple VulnerabilitiesThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Oracle Critical Patch Update - July 2016Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/91965
Oracle Agile PLM CVE-2016-3561 Remote Security Vulnerability
-
http://www.securitytracker.com/id/1036402
Oracle Supply Chain Products Suite Bugs Let Remote Users Access Data, Modify Data, Deny Service, and Gain Elevated Privileges - SecurityTracker
Products affected by CVE-2016-3561
- cpe:2.3:a:oracle:agile_product_lifecycle_management_framework:9.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:agile_product_lifecycle_management_framework:9.3.5:*:*:*:*:*:*:*