User Interface Vulnerability in Oracle Financial Services Applications
CVE-2018-2679

8.1HIGH

Key Information:

Vendor: Oracle
Status: Financial Services Profitability Management
Vendor: CVE Published:; 18 January 2018

What is CVE-2018-2679?

An exploitable vulnerability exists in the User Interface of Oracle Financial Services Profitability Management, allowing low-privileged attackers with network access via HTTP to gain unauthorized control. This can lead to unauthorized creation, deletion, or modification of sensitive data, posing significant risks to data integrity and confidentiality. The affected versions, 6.1.x and 8.0.x, are susceptible to attacks that can access all data managed by Oracle Financial Services Profitability Management, making it critical for organizations to apply necessary patches and safeguard their information.