How severe is CVE-2016-8312?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.2 out of 10.

What type of vulnerability is CVE-2016-8312?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2016-8312

HIGH Year: 2016

CVSS v3 Score

8.2

High

CVSS v2 Score

5.8

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Private Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Private Banking accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Private Banking accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).

CVE-2015-8550

HIGH

CVSS:8.2(High)

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend ...

CWE-2842015

CVE-2016-5482

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integri...

CWE-2842016

CVE-2016-5491

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CWE-2842016

CVE-2016-5557

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Advanced Pricing component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and inte...

CWE-2842016

CVE-2016-5586

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrit...

CWE-2842016

CVE-2016-5587

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality an...

CWE-2842016

CVE-2016-8312

Vulnerability Description

Related Vulnerabilities

CVE-2015-8550

CVE-2016-5482

CVE-2016-5491

CVE-2016-5557

CVE-2016-5586

CVE-2016-5587