Oracle Financial Services FLEXCUBE Direct Banking Vulnerability in Pre Login Component
CVE-2021-2141

2LOW

Key Information:

Vendor: Oracle
Status: Flexcube Direct Banking
Vendor: CVE Published:; 22 April 2021

What is CVE-2021-2141?

A vulnerability in Oracle FLEXCUBE Direct Banking's Pre Login component allows a high-privileged attacker with network access to exploit the system. Although difficult to exploit, it requires human interaction from an unsuspecting user, which poses a risk of unauthorized updates, insertions, or deletions of sensitive data. Maintainers of the product should take proactive measures to mitigate this vulnerability and ensure the integrity of their banking systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FLEXCUBE Direct Banking 12.0.2

FLEXCUBE Direct Banking 12.0.3

References

https://www.oracle.com/security-alerts/cpuapr2021.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2021
Vulnerability Reserved
Dec 9, 2020

JSON

Oracle