Vulnerability in Oracle FLEXCUBE Private Banking by Oracle
CVE-2017-3477
4.2MEDIUM
Summary
This vulnerability resides in the Oracle FLEXCUBE Private Banking component, allowing a low privileged attacker with network access via HTTP to potentially compromise the application. Exploiting this could lead to unauthorized updates, inserts, or deletions of accessible data, as well as unauthorized reading of a subset of the application's data. It is critical for users to review their configurations and ensure robust security measures are in place to mitigate the risk associated with this vulnerability.
Affected Version(s)
FLEXCUBE Private Banking 12.0.0
FLEXCUBE Private Banking 12.1.0
References
CVSS V3.1
Score:
4.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved