Oracle Secure Global Desktop Unspecified Vulnerability (October 2016 CPU)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

An application installed on the remote host is affected by an
unspecified vulnerability.

Description :

The version of Oracle Secure Global Desktop installed on the remote
host is 4.71 or 5.2 and is missing a security patch from the October
2016 Critical Patch Update (CPU). It is, therefore, affected by an
unspecified vulnerability in the web services component. An
authenticated, remote attacker can exploit this vulnerability to
affect the confidentiality and availability of the host. No further
details have been provided by the vendor.

See also :

http://www.nessus.org/u?748d9372

Solution :

Apply the appropriate patch according to the October 2016 Oracle
Critical Patch Update advisory.

Risk factor :

Medium / CVSS Base Score : 5.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 94436 ()

Bugtraq ID: 93632

CVE ID: CVE-2016-5580

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now