What is the severity of CVE-2016-0488?

CVE-2016-0488 has a severity rating that can potentially affect confidentiality and integrity of the system.

How do I fix CVE-2016-0488?

Fixing CVE-2016-0488 involves applying the latest security patches provided by Oracle for the affected versions.

What versions of Oracle Application Testing Suite are affected by CVE-2016-0488?

CVE-2016-0488 affects Oracle Application Testing Suite versions 12.4.0.2 and 12.5.0.2.

Can CVE-2016-0488 be exploited remotely?

Yes, CVE-2016-0488 allows remote attackers to exploit the vulnerability.

What components are involved in CVE-2016-0488?

CVE-2016-0488 involves the Oracle Application Testing Suite component of Oracle Enterprise Manager Grid Control.

Vulnerability/
CVE-2016-0488

medium

6.4

21/1/2016

5/8/2024

CVE-2016-0488

First published: Thu Jan 21 2016(Updated: )

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0492. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function in the admin pages, which allows remote attackers to bypass authentication and gain administrator access via directory traversal sequences following a URI entry that does not require authentication.

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle Application Testing Suite	=12.4.0.2
Oracle Application Testing Suite	=12.5.0.2

Remedy

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-0488?
CVE-2016-0488 has a severity rating that can potentially affect confidentiality and integrity of the system.
How do I fix CVE-2016-0488?
Fixing CVE-2016-0488 involves applying the latest security patches provided by Oracle for the affected versions.
What versions of Oracle Application Testing Suite are affected by CVE-2016-0488?
CVE-2016-0488 affects Oracle Application Testing Suite versions 12.4.0.2 and 12.5.0.2.
Can CVE-2016-0488 be exploited remotely?
Yes, CVE-2016-0488 allows remote attackers to exploit the vulnerability.
What components are involved in CVE-2016-0488?
CVE-2016-0488 involves the Oracle Application Testing Suite component of Oracle Enterprise Manager Grid Control.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/oracle
canonical/oracle application testing suite
version/oracle application testing suite/12.4.0.2
version/oracle application testing suite/12.5.0.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.