Oracle FLEXCUBE Private Banking Vulnerability in Financial Services Applications
CVE-2016-8313
Summary
The vulnerability affects the Oracle FLEXCUBE Private Banking component within Oracle Financial Services Applications, specifically in the Product / Instrument Search subcomponent. An attacker with low privileges can exploit this flaw to gain unauthorized access to specific data within the system. This exploitation requires human interaction from an individual other than the attacker, which makes it more complex. While the issue predominantly affects Oracle FLEXCUBE, successful attacks could potentially have wider implications on additional connected applications. The vulnerability puts sensitive information at risk, emphasizing the need for robust security measures.
Affected Version(s)
FLEXCUBE Private Banking 2.0.1
FLEXCUBE Private Banking 2.2.0
FLEXCUBE Private Banking 12.0.1
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved