CVE-ID |
CVE-2018-3037
|
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
|
Description |
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral
Management component of Oracle Financial Services Applications
(subcomponent: Infrastructure). Supported versions that are affected
are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows
low privileged attacker with network access via HTTP to compromise
Oracle FLEXCUBE Enterprise Limits and Collateral Management.
Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of Oracle FLEXCUBE Enterprise
Limits and Collateral Management accessible data as well as
unauthorized read access to a subset of Oracle FLEXCUBE Enterprise
Limits and Collateral Management accessible data and unauthorized
ability to cause a partial denial of service (partial DOS) of Oracle
FLEXCUBE Enterprise Limits and Collateral Management. CVSS 3.0 Base
Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS
Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
|
References |
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
|
|
Assigning CNA |
Oracle |
Date Entry Created |
20171215 |
Disclaimer: The entry creation date may reflect when
the CVE ID was allocated or reserved, and does not
necessarily indicate when this vulnerability was
discovered, shared with the affected vendor, publicly
disclosed, or updated in CVE.
|
Phase (Legacy) |
Assigned (20171215) |
Votes (Legacy) |
|
Comments (Legacy) |
|
Proposed (Legacy) |
N/A |
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities. |
|
For More Information: cve@mitre.org
|