Vulnerability Details CVE-2016-3505
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.securityfocus.com/bid/93708
- http://www.securitytracker.com/id/1037052
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.securityfocus.com/bid/93708
- http://www.securitytracker.com/id/1037052
Products affected by CVE-2016-3505
-
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0
-
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0
-
cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0