漏洞标题
N/A
漏洞描述信息
Oracle金融服务应用程序中的Oracle金融服务犯罪与合规调查中心产品(组件:报告)的漏洞。受影响的支持版本是20.1.2。这个漏洞难以利用,使得高特权攻击者登录Oracle金融服务犯罪与合规调查中心执行的基础设施,从而 compromise Oracle金融服务犯罪与合规调查中心。攻击的成功需要非攻击者的人之间的互动,虽然漏洞在Oracle金融服务犯罪与合规调查中心中,但攻击可能对其他产品产生重大影响。利用此漏洞的攻击可能会导致未经授权的更新、插入或删除访问Oracle金融服务犯罪与合规调查中心可访问数据的部分,以及未经授权的阅读理解Oracle金融服务犯罪与合规调查中心可访问数据的部分。CVSS 3.1基础得分为3.7( confidentiality和 integrity impacts)。CVSS向量:(CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N)。
CVSS信息
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle Financial Services Crime and Compliance Investigation Hub product of Oracle Financial Services Applications (component: Reports). The supported version that is affected is 20.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Financial Services Crime and Compliance Investigation Hub executes to compromise Oracle Financial Services Crime and Compliance Investigation Hub. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Crime and Compliance Investigation Hub, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Crime and Compliance Investigation Hub accessible data as well as unauthorized read access to a subset of Oracle Financial Services Crime and Compliance Investigation Hub accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N).
CVSS信息
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Oracle Financial Services Applications 安全漏洞
漏洞描述信息
Oracle Financial Services Applications是美国甲骨文(Oracle)公司的一套金融服务软件。该产品包括核心银行、网上银行和财产管理等。 Oracle Financial Services apps存在安全漏洞,该漏洞允许高特权攻击者可利用该漏洞登录到Oracle金融服务犯罪和合规调查中心执行的基础设施,以危害Oracle金融服务犯罪和合规调查中心。
CVSS信息
N/A
漏洞类别
其他