Vulnerability Details : CVE-2016-3444
Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install.
Products affected by CVE-2016-3444
- cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:retail_integration_bus:14.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:retail_integration_bus:14.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:retail_integration_bus:13.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:retail_integration_bus:13.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:retail_integration_bus:13.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-3444
0.77%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-3444
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2016-3444
-
http://www.securityfocus.com/bid/91883
Oracle Retail Integration Bus CVE-2016-3444 Remote Security Vulnerability
-
http://www.securityfocus.com/bid/91787
Oracle July 2016 Critical Patch Update Multiple VulnerabilitiesThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1036397
Oracle Retail Applications Bugs Let Remote Users Access Data, Modify Data, and Gain Elevated Privileges and Remote Authenticated Users Deny Service - SecurityTracker
-
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Oracle Critical Patch Update - July 2016Patch;Vendor Advisory
Jump to