CVE-2016-3540

MEDIUM

Oracle Enterprise Manager <13.1.0.0 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework.

References (4)

[Patch, Vendor Advisory] http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91787

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91892

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1036406

Scores

CVSS v3 4.3

EPSS 0.0045

EPSS Percentile 63.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Classification

Status draft

Affected Products (2)

oracle/enterprise_manager_base_platform

Timeline

Published Jul 21, 2016

Tracked Since Feb 18, 2026