Security Flaw in Oracle FLEXCUBE Financial Services Applications
CVE-2018-3037
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 18 July 2018
Summary
A security vulnerability exists in the FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications. This flaw allows low-privileged attackers with network access via HTTP to gain unauthorized access to sensitive functionalities. Attackers can potentially modify, insert, or delete accessible data, and access certain data without authorization. Furthermore, the vulnerability may enable attackers to initiate a partial denial of service, affecting the availability of the impacted system.
Affected Version(s)
FLEXCUBE Enterprise Limits and Collateral Management 12.3.0
FLEXCUBE Enterprise Limits and Collateral Management 14.0.0
FLEXCUBE Enterprise Limits and Collateral Management 14.1.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved