Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2016-10-25 CVE-2016-5601 Improper Access Control vulnerability in Oracle Weblogic Server 12.1.3.0.0/12.2.1.0.0/12.2.1.1.0
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
local
low complexity
oracle CWE-284
6.3
2016-10-25 CVE-2016-5600 Improper Access Control vulnerability in Oracle Peoplesoft Enterprise Supply Chain Management Services Procurement 9.1/9.2
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle CWE-284
5.4
2016-10-25 CVE-2016-5599 Improper Access Control vulnerability in Oracle Advanced Supply Chain Planning 12.2.3/12.2.4/12.2.5
Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt.
network
low complexity
oracle CWE-284
critical
9.1
2016-10-25 CVE-2016-5598 Improper Access Control vulnerability in Oracle Mysql Connector/Python
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
network
high complexity
oracle CWE-284
5.6
2016-10-25 CVE-2016-5595 Improper Access Control vulnerability in Oracle Customer Interaction History
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5592.
network
low complexity
oracle CWE-284
8.2
2016-10-25 CVE-2016-5594 Improper Access Control vulnerability in Oracle Flexcube Universal Banking
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
network
low complexity
oracle CWE-284
5.0
2016-10-25 CVE-2016-5593 Improper Access Control vulnerability in Oracle Customer Interaction History
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5587 and CVE-2016-5591.
network
low complexity
oracle CWE-284
8.2
2016-10-25 CVE-2016-5592 Improper Access Control vulnerability in Oracle Customer Interaction History
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5595.
network
low complexity
oracle CWE-284
8.2
2016-10-25 CVE-2016-5591 Improper Access Control vulnerability in Oracle Customer Interaction History
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5587 and CVE-2016-5593.
network
low complexity
oracle CWE-284
8.2
2016-10-25 CVE-2016-5589 Improper Access Control vulnerability in Oracle Customer Relationship Management Technical Foundation
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle CWE-284
8.2