Vulnerability in Oracle Financial Services Applications - Basel Regulatory Capital Component
CVE-2018-2856
8.1HIGH
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 19 April 2018
Summary
This vulnerability affects the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach, allowing low-privileged attackers with HTTP network access to exploit the flaw. Successful exploitation can result in unauthorized creation, deletion, or modification of critical data, potentially granting attackers complete access to sensitive information. Users of version 8.0.x are at risk and should take immediate action to secure their applications against these vulnerabilities.
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved