CVE-2016-8314

LOW Year: 2016
CVSS v3 Score
3.1
Low
CVSS v2 Score
3.5
Low
Weakness Type
CWE-254
View all →

Vulnerability Description

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Core Banking. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Core Banking accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).

Related Vulnerabilities

CVE-2016-0137

LOW
CVSS:3.3(Low)

The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."

CWE-2542016

CVE-2016-10772

LOW
CVSS:3.3(Low)

cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).

CWE-2542016

CVE-2016-3354

LOW
CVSS:3.3(Low)

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold...

CWE-2542016

CVE-2016-5525

LOW
CVSS:3.3(Low)

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.

CWE-2542016

CVE-2017-18429

LOW
CVSS:3.3(Low)

In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).

CWE-2542017

CVE-2015-8801

LOW
CVSS:2.9(Low)

Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations befor...

CWE-2542015