Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-xgm4-vcwp-m6qp

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Ссылки

EPSS

Процентиль: 69%
0.00601
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2020-2721

Связанные уязвимости

nvd логотип

CVE-2020-2721

CVSS3: 6.5
nvd
около 6 лет назад

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

fstec логотип

BDU:2020-00257

CVSS3: 6.5
fstec
около 6 лет назад

Уязвимость компонента Infrastructure программного средства управления финансами Oracle FLEXCUBE Investor Servicing, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 69%
0.00601
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2020-2721