CVE-2016-0464

Published on: 01/20/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:13 PM UTC

AV:N/AC:M/Au:N/C:N/I:P/A:N

Certain versions of Fusion Middleware from Oracle contain the following vulnerability:

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.

CVSS2 Score: 4.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE PARTIAL NONE

CVE References

Description Tags Link
Oracle Fusion Middleware CVE-2016-0464 Remote Security Vulnerability cve.report (archive)
text/html
URL Logo BID 81185
Oracle WebLogic Multiple Bugs Let Remote Users Access and Modify Data and Deny Service - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1034716
Oracle Critical Patch Update - January 2016 Vendor Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationOracleFusion Middleware10.3.6AllAllAll
ApplicationOracleFusion Middleware12.1.2.0AllAllAll
ApplicationOracleFusion Middleware12.1.3.0AllAllAll
ApplicationOracleFusion Middleware10.3.6AllAllAll
ApplicationOracleFusion Middleware12.1.2.0AllAllAll
ApplicationOracleFusion Middleware12.1.3.0AllAllAll
  • cpe:2.3:a:oracle:fusion_middleware:10.3.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:fusion_middleware:12.1.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:fusion_middleware:12.1.3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:fusion_middleware:10.3.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:fusion_middleware:12.1.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:fusion_middleware:12.1.3.0:*:*:*:*:*:*:*: