How severe is CVE-2016-8299?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2016-8299?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2016-8299

MEDIUM Year: 2016

CVSS v3 Score

6.3

Medium

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).

CVE-2015-6933

MEDIUM

CVSS:6.3(Medium)

The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allo...

CWE-2842015

CVE-2016-0914

MEDIUM

CVSS:6.3(Medium)

EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Doc...

CWE-2842016

CVE-2016-1200

MEDIUM

CVSS:6.3(Medium)

The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2016-11...

CWE-2842016

CVE-2016-1638

MEDIUM

CVSS:6.3(Medium)

extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass inten...

CWE-2842016

CVE-2016-2277

MEDIUM

CVSS:6.3(Medium)

IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file.

CWE-2842016

CVE-2016-5601

MEDIUM

CVSS:6.3(Medium)

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors re...

CWE-2842016

CVE-2016-8299

Vulnerability Description

Related Vulnerabilities

CVE-2015-6933

CVE-2016-0914

CVE-2016-1200

CVE-2016-1638

CVE-2016-2277

CVE-2016-5601