Vulnerability in Oracle Banking Trade Finance by Oracle
CVE-2022-21582

6.7MEDIUM

Key Information:

Vendor: Oracle
Status: Banking Trade Finance
Vendor: CVE Published:; 19 July 2022

Summary

A vulnerability has been identified in Oracle Banking Trade Finance, permitting a low privileged attacker with network access via HTTP to exploit the system. This vulnerability necessitates human interaction from another individual, making it challenging to exploit. If successfully executed, it could lead to unauthorized creation, deletion, or modification of vital data, impacting confidentiality and integrity. Additionally, this flaw could allow attackers to gain unauthorized access to critical banking data or even cause partial denial of service, potentially disrupting operations.

Affected Version(s)

Banking Trade Finance 14.5

References

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2022
Vulnerability Reserved
Nov 15, 2021