Unauthorized Data Manipulation Vulnerability in Oracle Financial Services Applications
CVE-2020-14605

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Financial Services Analytical Applications Infrastructure
Vendor: CVE Published:; 15 July 2020

What is CVE-2020-14605?

A security flaw in the Oracle Financial Services Analytical Applications Infrastructure allows an attacker with low privileges and network access via HTTP to manipulate sensitive data. Exploiting this vulnerability could lead to the unauthorized creation, deletion, or modification of critical data stored within the system. Organizations using affected versions must prioritize mitigation measures to protect their data integrity.

Affected Version(s)

Financial Services Analytical Applications Infrastructure 8.0.6-8.1.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020