Oracle Banking Trade Finance Vulnerability in Oracle Financial Services Applications
CVE-2023-22125
5.4MEDIUM
Summary
A security flaw exists in the Oracle Banking Trade Finance product of Oracle Financial Services Applications. This vulnerability allows low-privileged attackers with network access via HTTP to compromise the system. Successful exploitation requires interaction from a third party, potentially broadening the attack surface. While primarily affecting Oracle Banking Trade Finance, the ramifications may extend to associated products. An attacker may gain unauthorized capabilities to update, insert, or delete sensitive data, as well as read access to certain accessible information, posing a significant risk to data integrity and confidentiality.
Affected Version(s)
Banking Trade Finance 14.5 <= 14.7
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved