Unauthorized Access Vulnerability in Oracle Financial Services Analytical Applications Infrastructure
CVE-2026-34313

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Financial Services Analytical Applications Infrastructure
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34313?

A vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure that can be exploited by a low privileged attacker with network access via HTTP. This weakness allows unauthorized access to critical data, potentially compromising the confidentiality of sensitive information stored within the application. Users of affected versions (8.0.7.9, 8.0.8.7, and 8.1.2.5) are urged to assess their security measures and prioritize the application of security patches to mitigate the risk of exploitation. Successful attacks can lead to complete access to all accessible data within the infrastructure.

Affected Version(s)

Oracle Financial Services Analytical Applications Infrastructure 8.0.7.9

Oracle Financial Services Analytical Applications Infrastructure 8.0.8.7

Oracle Financial Services Analytical Applications Infrastructure 8.1.2.5

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34313 Data

JSON