CVE-2016-5526

Published: Oct 25, 2016Modified: May 6, 2026

7.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Exploitability: 3.9 / Impact: 3.4

Source: NVD

Description

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Apache Tomcat.

Affected (2)

Products: Oracle: Agile Product Lifecycle Management

Oracle

1 product

Agile Product Lifecycle Management

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Agile Product Lifecycle Management	Version 9.3.4
Oracle Agile Product Lifecycle Management	Version 9.3.5

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.securityfocus.com/bid/93652

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/93652

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.