CVE-2016-5763

moderate-risk
Published 2016-11-15

Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update 10991, OES11 SP2 before Scheduled Maintenance Update 10989) might allow authenticated remote attackers to perform unauthorized file access and modification.

Do I need to act?

~
1.0% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (4)

Open Enterprise Server 11
Open Enterprise Server 2015
Open Enterprise Server 11
Open Enterprise Server 2015

Affected Vendors

Novell

References (10)

http://download.novell.com/Download?buildid=3Ho1yp5JOXA~
http://download.novell.com/Download?buildid=Fj0Hdns7mxA~
http://download.novell.com/Download?buildid=dfqmrymc0Rg~
http://download.novell.com/Download?buildid=s9_RxhgC8KU~
http://www.securityfocus.com/bid/94348
http://download.novell.com/Download?buildid=3Ho1yp5JOXA~
http://download.novell.com/Download?buildid=Fj0Hdns7mxA~
http://download.novell.com/Download?buildid=dfqmrymc0Rg~
http://download.novell.com/Download?buildid=s9_RxhgC8KU~
http://www.securityfocus.com/bid/94348
44
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 3/34 · Minimal
Exposure 10/34 · Low