CVE-2016-3513
CVE-2016-3513 is a medium-severity vulnerability in Oracle Communications Operations Monitor with a CVSS 3.x base score of 6.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 3.x base score 6.5)
- CVSS v2: 6.8
- EPSS exploit prediction: 3% (84th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Oracle Communications Operations Monitor
- Published:
- Last modified:
Description
Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure.
Frequently asked questions
- What is CVE-2016-3513?
- Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure.
- How severe is CVE-2016-3513?
- CVE-2016-3513 has a CVSS 3.x base score of 6.5, rated medium severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is high, integrity none, and availability none.
- Is CVE-2016-3513 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 3% (84th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2016-3513?
- CVE-2016-3513 affects Oracle Communications Operations Monitor. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2016-3513?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2016-3513 published?
- CVE-2016-3513 was published on 2016-07-21 and last updated on 2026-06-17.
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.securityfocus.com/bid/91787
- http://www.securitytracker.com/id/1036401
- http://www.synacktiv.com/ressources/oracle_sbc_configuration_issues.pdf
Affected products (1)
- cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*
More vulnerabilities in Oracle Communications Operations Monitor
- CVE-2021-44790 — Critical (CVSS 9.8): A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from…
- CVE-2019-5482 — Critical (CVSS 9.8): Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
- CVE-2019-5481 — Critical (CVSS 9.8): Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
- CVE-2019-7164 — Critical (CVSS 9.8): SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
- CVE-2019-3822 — Critical (CVSS 9.8): libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an…
- CVE-2018-11219 — Critical (CVSS 9.8): An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before…
All CVEs affecting Oracle Communications Operations Monitor →