Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
総合評価: CVE-2016-0635 は高リスク(67.2/100)。CVSS 深刻度は高。悪用される可能性が高い(EPSS 5.08%、91 パーセンタイル) 根拠: EPSS 上、短期間での悪用可能性は高い水準です。 推奨対応: 悪用可能性が高いため、影響範囲の確認と修補の優先付けを推奨します。
リスクは変動します。再評価に基づき、本ページの表示内容を更新しています。
EPSS は日次で悪用されやすさの相対度合いを推定します。パーセンタイルは採点済み CVE の中での相対位置(高いほど相対的に深刻)を示します。
| # | 日付 | 旧 EPSS スコア | 新 EPSS スコア | Δ(新 − 旧) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 4.96% | 5.08% | +0.11% |
| 2 | 2026-01-19 | 6.64% | 4.96% | -1.67% |
| 3 | 2025-12-08 | — | 6.64% | — |
EPSS の全履歴 (全 9 件)
この CVE の CVSS 指標。
| ベーススコア | バージョン | 深刻度 | ベクトル | 悪用しやすさ | 影響 | スコアの出典 |
|---|---|---|---|---|---|---|
| 8.8 | 3.0 | HIGH |
|
2.8 | 5.9 | [email protected] |
| 9.0 | 2.0 | HIGH |
|
8.0 | 10.0 | [email protected] |
| ベンダー | 製品 | バージョン | 生の CPE |
|---|---|---|---|
| oracle | documaker | <= 12.5 | cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:* |
| oracle | enterprise_manager_ops_center | 12.1.4 | cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:* |
| oracle | enterprise_manager_ops_center | 12.2.2 | cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:* |
| oracle | enterprise_manager_ops_center | 12.3.2 | cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:* |
| oracle | health_sciences_information_manager | 1.2.8.3 | cpe:2.3:a:oracle:health_sciences_information_manager:1.2.8.3:*:*:*:*:*:*:* |
| oracle | health_sciences_information_manager | 2.0.2.3 | cpe:2.3:a:oracle:health_sciences_information_manager:2.0.2.3:*:*:*:*:*:*:* |
| oracle | health_sciences_information_manager | 3.0.1.0 | cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1.0:*:*:*:*:*:*:* |
| oracle | healthcare_master_person_index | 2.0.12 | cpe:2.3:a:oracle:healthcare_master_person_index:2.0.12:*:*:*:*:*:*:* |
| oracle | healthcare_master_person_index | 3.0.0 | cpe:2.3:a:oracle:healthcare_master_person_index:3.0.0:*:*:*:*:*:*:* |
| oracle | healthcare_master_person_index | 4.0.1 | cpe:2.3:a:oracle:healthcare_master_person_index:4.0.1:*:*:*:*:*:*:* |
| oracle | insurance_calculation_engine | 9.7.1 | cpe:2.3:a:oracle:insurance_calculation_engine:9.7.1:*:*:*:*:*:*:* |
| oracle | insurance_calculation_engine | 10.1.2 | cpe:2.3:a:oracle:insurance_calculation_engine:10.1.2:*:*:*:*:*:*:* |
| oracle | insurance_calculation_engine | 10.2.2 | cpe:2.3:a:oracle:insurance_calculation_engine:10.2.2:*:*:*:*:*:*:* |
| oracle | insurance_policy_administration_j2ee | 9.6.1 | cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.6.1:*:*:*:*:*:*:* |
| oracle | insurance_policy_administration_j2ee | 9.7.1 | cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.7.1:*:*:*:*:*:*:* |
| oracle | insurance_policy_administration_j2ee | 10.0.1 | cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.0.1:*:*:*:*:*:*:* |
| oracle | insurance_policy_administration_j2ee | 10.1.2 | cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.1.2:*:*:*:*:*:*:* |
| oracle | insurance_policy_administration_j2ee | 10.2.0 | cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:* |
| oracle | insurance_policy_administration_j2ee | 10.2.2 | cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.2:*:*:*:*:*:*:* |
| oracle | insurance_rules_palette | 9.6.1 | cpe:2.3:a:oracle:insurance_rules_palette:9.6.1:*:*:*:*:*:*:* |
| oracle | insurance_rules_palette | 9.7.1 | cpe:2.3:a:oracle:insurance_rules_palette:9.7.1:*:*:*:*:*:*:* |
| oracle | insurance_rules_palette | 10.0.1 | cpe:2.3:a:oracle:insurance_rules_palette:10.0.1:*:*:*:*:*:*:* |
| oracle | insurance_rules_palette | 10.1.2 | cpe:2.3:a:oracle:insurance_rules_palette:10.1.2:*:*:*:*:*:*:* |
| oracle | insurance_rules_palette | 10.2.0 | cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:* |
| oracle | insurance_rules_palette | 10.2.2 | cpe:2.3:a:oracle:insurance_rules_palette:10.2.2:*:*:*:*:*:*:* |
| oracle | primavera_contract_management | 14.2 | cpe:2.3:a:oracle:primavera_contract_management:14.2:*:*:*:*:*:*:* |
| oracle | primavera_p6_enterprise_project_portfolio_management | 8.2 | cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2:*:*:*:*:*:*:* |
| oracle | primavera_p6_enterprise_project_portfolio_management | 8.3 | cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:*:*:*:*:*:*:* |
| oracle | primavera_p6_enterprise_project_portfolio_management | 8.4 | cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:* |
| oracle | primavera_p6_enterprise_project_portfolio_management | 15.1 | cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:* |
| oracle | primavera_p6_enterprise_project_portfolio_management | 15.2 | cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:* |
| oracle | primavera_p6_enterprise_project_portfolio_management | 16.1 | cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:* |
| oracle | retail_integration_bus | 15.0 | cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:* |
| oracle | retail_order_broker_cloud_service | 5.1 | cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:* |
| oracle | retail_order_broker_cloud_service | 5.2 | cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:* |
| oracle | retail_order_broker_cloud_service | 15.0 | cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:* |