User Interface Vulnerability in Oracle Financial Services Applications
CVE-2018-2719

6.1MEDIUM

Key Information:

Vendor
Oracle
Status
Financial Services Hedge Management And Ifrs Valuations
Vendor
CVE Published:
18 January 2018

Summary

A vulnerability exists within the User Interface component of Oracle Financial Services Hedge Management and IFRS Valuations. This flaw allows an unauthenticated attacker with network access via HTTP to compromise the application, requiring human interaction from another user. The issue could lead to unauthorized modifications, deletions, or access of data within both Hedge Management and IFRS Valuations. While the immediate impact affects specific components, the ramifications may extend to other connected Oracle Financial Services applications.

Affected Version(s)

Financial Services Hedge Management and IFRS Valuations 8.0.x

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1040214
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/102653
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.