漏洞标题
没有
漏洞描述信息
Oracle FLEXCUBE Universal Banking产品(组件:Infrastructure)存在漏洞,受影响的支持版本包括12.3、12.4、14.0-14.3和14.5-14.7。该漏洞容易被利用,具有网络访问权限(通过HTTP)的低权限攻击者可以利用此漏洞攻击Oracle FLEXCUBE Universal Banking。成功的攻击需要来自攻击者之外的人员进行人为交互,虽然漏洞存在于Oracle FLEXCUBE Universal Banking中,但攻击可能对其他产品产生显著影响(范围变更)。利用此漏洞可能导致未经授权的更新、插入或删除部分Oracle FLEXCUBE Universal Banking可访问数据的权限,以及未经授权的读取部分Oracle FLEXCUBE Universal Banking可访问数据的权限。CVSS 3.1基础评分5.4(影响涉及机密性和完整性)。CVSS向量:(CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)。
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Universal Banking, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Oracle Financial Services Applications 安全漏洞
漏洞描述信息
Oracle Financial Services Applications和Oracle FLEXCUBE Universal Banking都是美国甲骨文(Oracle)公司的产品。Oracle Financial Services Applications是一套金融服务软件。该产品包括核心银行、网上银行和财产管理等。Oracle FLEXCUBE Universal Banking是一个通用的数字银行业务系统。 Oracle Financial Services Applications 的 Ora
CVSS信息
N/A
漏洞类别
其他