Vulnerability in Oracle Financial Services Market Risk User Interface
CVE-2018-2726

8.1HIGH

Key Information:

Vendor

Oracle
Status
Financial Services Market Risk
Vendor
CVE Published:
18 January 2018

What is CVE-2018-2726?

A vulnerability in the User Interface component of Oracle Financial Services Market Risk allows low privileged attackers with network access via HTTP to exploit weaknesses, potentially compromising the integrity and confidentiality of the application. This may lead to unauthorized creation, deletion, or modification of critical data, granting attackers significant access to Oracle Financial Services Market Risk information. Effective mitigation is crucial to protect sensitive financial data.

Affected Version(s)

Financial Services Market Risk 8.0.x

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1040214
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/102664
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.