Vulnerability in Oracle Financial Services Market Risk Measurement and Management User Interface
CVE-2018-2716

6.1MEDIUM

Key Information:

Vendor
Oracle
Status
Financial Services Market Risk Measurement And Management
Vendor
CVE Published:
18 January 2018

Summary

A vulnerability has been identified in the Oracle Financial Services Market Risk Measurement and Management component, specifically affecting the user interface. This issue allows an unauthenticated attacker with network access via HTTP to compromise the system. Exploitation of this vulnerability requires user interaction from a person other than the attacker. While the vulnerability resides within the Market Risk Measurement and Management application, successful exploits could have substantial implications for other interconnected Oracle products. The vulnerability permits unauthorized access to update, insert, or delete data within the Market Risk Measurement and Management system, as well as unauthorized reading of certain accessible data.

Affected Version(s)

Financial Services Market Risk Measurement and Management 8.0.5

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1040214
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/102672
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.