CVE-2020-2721 – Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2721

Reference (s):

  • https://www.oracle.com/security-alerts/cpujan2020.html
Previous Post

CVE-2020-27180 – konzept-ix publiXone before 2020.015 allows attackers to download files b

Next Post

CVE-2020-27212 – STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

Related Posts