Vulnerabilities > CVE-2016-3586 - Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3510.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Nessus
NASL family | Misc. |
NASL id | ORACLE_WEBLOGIC_SERVER_CPU_JUL_2016.NASL |
description | The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities : - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2016-3445) - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3499) - A remote code execution vulnerability exists in the WLS Core component due to unsafe deserialize calls to the weblogic.corba.utils.MarshallObject object. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary code. (CVE-2016-3510) - An unspecified flaw exists in the WLS Core component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3586) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 92460 |
published | 2016-07-20 |
reporter | This script is Copyright (C) 2016-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/92460 |
title | Oracle WebLogic Server Multiple Vulnerabilities (July 2016 CPU) |
code |
|
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.securityfocus.com/bid/91787
- http://www.securityfocus.com/bid/91787
- http://www.securityfocus.com/bid/92016
- http://www.securityfocus.com/bid/92016
- http://www.securitytracker.com/id/1036373
- http://www.securitytracker.com/id/1036373