Vulnerability in Oracle FLEXCUBE Core Banking Component
CVE-2016-8322

4.3MEDIUM

Key Information:

Vendor
Oracle
Status
Flexcube Core Banking
Vendor
CVE Published:
27 January 2017

Summary

This vulnerability affects the Oracle FLEXCUBE Core Banking component, allowing an attacker with low privileges to exploit network access via HTTP. As a result, unauthorized users may gain read access to sensitive data within the affected versions. Proper security measures and updates are recommended to mitigate potential risks associated with this vulnerability.

Affected Version(s)

FLEXCUBE Core Banking 5.1.0

FLEXCUBE Core Banking 5.2.0

FLEXCUBE Core Banking 11.5.0

References

http://www.securityfocus.com/bid/95608
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037636
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.