How severe is CVE-2016-5623?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2016-5623?

This is classified as CWE-254, which is a common weakness in software security.

CVE-2016-5623

MEDIUM Year: 2016

CVSS v3 Score

5.4

Medium

CVSS v2 Score

5.5

Medium

Weakness Type

CWE-254

View all →

Vulnerability Description

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Private Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Private Banking accessible data. CVSS v3.0 Base Score 5.4 (Confidentiality and Integrity impacts).

CVE-2016-0274

MEDIUM

CVSS:5.4(Medium)

IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0...

CWE-2542016

CVE-2016-6626

MEDIUM

CVSS:5.4(Medium)

An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to ...

CWE-2542016

CVE-2016-8306

MEDIUM

CVSS:5.4(Medium)

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 ...

CWE-2542016

CVE-2016-8911

MEDIUM

CVSS:5.4(Medium)

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could ...

CWE-2542016

CVE-2015-3170

MEDIUM

CVSS:5.5(Medium)

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .conf...

CWE-2542015

CVE-2015-7837

MEDIUM

CVSS:5.5(Medium)

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot res...

CWE-2542015

CVE-2016-5623

Vulnerability Description

Related Vulnerabilities

CVE-2016-0274

CVE-2016-6626

CVE-2016-8306

CVE-2016-8911

CVE-2015-3170

CVE-2015-7837