CVE-2016-3489
MEDIUMOracle Database Server <12.1.0.2 - Info Disclosure
Title source: llmDescription
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
Scores
CVSS v3
6.7
EPSS
0.0009
EPSS Percentile
25.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Classification
Status
draft
Affected Products (3)
oracle/database
oracle/database
oracle/database
Timeline
Published
Jul 21, 2016
Tracked Since
Feb 18, 2026