Vulnerability in Oracle FLEXCUBE Core Banking Affects Oracle Financial Services Applications
CVE-2016-8314

3.1LOW

Key Information:

Vendor

Oracle
Status
Flexcube Core Banking
Vendor
CVE Published:
27 January 2017

What is CVE-2016-8314?

A vulnerability exists within Oracle FLEXCUBE Core Banking which could allow a low-privileged attacker with network access via HTTP to gain unauthorized read access to certain data. This security flaw affects multiple versions of the software, making it critical for users to implement necessary security measures to safeguard sensitive banking information.

Affected Version(s)

FLEXCUBE Core Banking 5.1.0

FLEXCUBE Core Banking 5.2.0

FLEXCUBE Core Banking 11.5.0

References

http://www.securityfocus.com/bid/95609
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037636
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.