PT-2016-5519 · Oracle · Oracle Weblogic Server

Published

2016-07-21

Updated

2018-10-30

CVE-2016-3499

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 12.1.3.0 through 12.2.1.0

Description The issue affects the confidentiality, integrity, and availability of the system. It is related to the Web Container in Oracle WebLogic Server.

Recommendations For versions 12.1.3.0 and 12.2.1.0, update to a version that contains a fix for this issue, as the current versions allow remote attackers to affect system security via vectors related to the Web Container. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2016-3499

ZDI-16-444

Affected Products

Oracle Weblogic Server

PT-2016-5519 · Oracle · Oracle Weblogic Server

CVE-2016-3499

Related Identifiers

Affected Products

References · 7