How severe is CVE-2016-8313?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2016-8313?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2016-8313 - MEDIUM Severity | CVSS 4.1

Vulnerability Description

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Private Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Private Banking accessible data. CVSS v3.0 Base Score 4.1 (Confidentiality impacts).

Related Vulnerabilities

CVE-2014-0872

MEDIUM

CVSS:4.1(Medium)

The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access. IBM X-Force ...

CWE-2002014

CVE-2015-7487

MEDIUM

CVSS:4.1(Medium)

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX002, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX002, 7.5.1, and 7.6.0 before 7.6.0.3 ...

CWE-2002015

CVE-2016-1490

MEDIUM

CVSS:4.1(Medium)

The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list.

CWE-2002016

CVE-2016-5504

MEDIUM

CVSS:4.1(Medium)

Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confid...

CWE-2002016

CVE-2018-1843

MEDIUM

CVSS:4.1(Medium)

The Identity and Access Management (IAM) services (IBM Cloud Private 3.1.0) do not use a secure channel, such as SSL, to exchange information only when accessed internally from within the cluster. It ...

CWE-2002018

CVE-2019-3811

MEDIUM

CVSS:4.1(Medium)

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impa...

CWE-2002019