CVE-2016-0558

Published on: 01/20/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:13 PM UTC

AV:N/AC:M/Au:N/C:N/I:P/A:N

Certain versions of Service Contracts from Oracle contain the following vulnerability:

Unspecified vulnerability in the Oracle Service Contracts component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Renewals.

CVSS2 Score: 4.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE PARTIAL NONE

CVE References

Description Tags Link
Oracle E-Business Suite Multiple Bugs Let Remote Users Partially Access and Modify Data and Partially Deny Service - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1034726
Oracle Critical Patch Update - January 2016 Vendor Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationOracleService Contracts11.5.10.2AllAllAll
ApplicationOracleService Contracts12.1.1AllAllAll
ApplicationOracleService Contracts12.1.2AllAllAll
ApplicationOracleService Contracts12.1.3AllAllAll
ApplicationOracleService Contracts11.5.10.2AllAllAll
ApplicationOracleService Contracts12.1.1AllAllAll
ApplicationOracleService Contracts12.1.2AllAllAll
ApplicationOracleService Contracts12.1.3AllAllAll
  • cpe:2.3:a:oracle:service_contracts:11.5.10.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:12.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:12.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:12.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:11.5.10.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:12.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:12.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:service_contracts:12.1.3:*:*:*:*:*:*:*: