漏洞标题
N/A
漏洞描述信息
Oracle金融服务分析应用程序基础设施产品(组件:规则框架)中的漏洞。受影响的支持版本是8.0.6-8.1.0。容易利用的漏洞允许通过HTTP网络访问未经授权的黑客攻击Oracle金融服务分析应用程序基础设施。成功的攻击需要非攻击者的人进行手动交互,虽然漏洞存在于Oracle金融服务分析应用程序基础设施,但攻击可能严重影响其他产品。利用此漏洞的成功攻击可能导致未经授权更新、插入或删除访问Oracle金融服务分析应用程序基础设施可访问数据的部分数据,以及未经授权的读取访问Oracle金融服务分析应用程序基础设施可访问数据的部分部分。CVSS 3.1基础得分6.1(保密性和完整性影响)。CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Rules Framework). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Analytical Applications Infrastructure, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Oracle Financial Services Analytical Applications 安全漏洞
漏洞描述信息
Oracle Financial Services Analytical Applications是美国甲骨文(Oracle)公司的一款金融服务分析软件。 Oracle Financial Services Analytical Applications Infrastructure Rules Framework 8.0.6-8.1.0 存在安全漏洞,该漏洞允许未经身份验证的攻击者通过HTTP进行网络访问,从而破坏Oracle Financial Services analysis Applicatio
CVSS信息
N/A
漏洞类别
其他