CVE-2016-5601

Published: Oct 25, 2016Modified: May 6, 2026

6.3

Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N

Exploitability: 1.1 / Impact: 4.7

Source: NVD

Description

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.

Affected (3)

Products: Oracle: Weblogic Server

Oracle

1 product

Weblogic Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Weblogic Server	Version 12.1.3.0.0
Oracle Weblogic Server	Version 12.2.1.0.0
Oracle Weblogic Server	Version 12.2.1.1.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.securityfocus.com/bid/93704

Source: secalert_us@oracle.com

http://www.securitytracker.com/id/1037052

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/93704

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1037052

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.