How severe is CVE-2017-3277?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2017-3277?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-3277 - MEDIUM Severity | CVSS 4.9

Vulnerability Description

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: OAM Client). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS v3.0 Base Score 4.9 (Confidentiality impacts).

Related Vulnerabilities

CVE-2012-4382

MEDIUM

CVSS:4.9(Medium)

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.

CWE-2002012

CVE-2013-0192

MEDIUM

CVSS:4.9(Medium)

File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.

CWE-2002013

CVE-2015-3251

MEDIUM

CVSS:4.9(Medium)

Apache CloudStack before 4.5.2 might allow remote authenticated administrators to obtain sensitive password information for root accounts of virtual machines via unspecified vectors related to API cal...

CWE-2002015

CVE-2016-0225

MEDIUM

CVSS:4.9(Medium)

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors.

CWE-2002016

CVE-2016-10740

MEDIUM

CVSS:4.9(Medium)

Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to request...

CWE-2002016

CVE-2016-1497

MEDIUM

CVSS:4.9(Medium)

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows...

CWE-2002016