CVE-2016-5491

Published: Oct 25, 2016Modified: May 6, 2026

8.2

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

Exploitability: 2.8 / Impact: 4.7

Source: NVD

Description

Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors.

Affected (2)

Products: Oracle: Commerce Service Center

Oracle

1 product

Commerce Service Center

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Commerce Service Center	Version 10.0.3.5
Oracle Commerce Service Center	Version 10.2.0.5

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.securityfocus.com/bid/93667

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/93667

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.