Security Flaw in Oracle FLEXCUBE Financial Services Applications
CVE-2018-3045

5.4MEDIUM

Key Information:

Vendor: Oracle
Status: Flexcube Enterprise Limits And Collateral Management
Vendor: CVE Published:; 18 July 2018

🔔 Create Oracle Vulnerability Alert

What is CVE-2018-3045?

This vulnerability affects the Oracle FLEXCUBE Enterprise Limits and Collateral Management component, allowing low-privileged attackers with network access through HTTP to manipulate data. Exploitation can lead to unauthorized modifications, such as updating, inserting, or deleting accessible data, as well as unauthorized read access to specific data sets within the system.

Affected Version(s)

FLEXCUBE Enterprise Limits and Collateral Management 12.3.0

FLEXCUBE Enterprise Limits and Collateral Management 14.0.0

FLEXCUBE Enterprise Limits and Collateral Management 14.1.0

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/104801

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1041307

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2018
Vulnerability Reserved
Dec 15, 2017

.