Access Control Vulnerability in Oracle Financial Services Analytical Applications
CVE-2026-34314

6.8MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Financial Services Analytical Applications Infrastructure
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34314?

A vulnerability exists in the Oracle Financial Services Analytical Applications Infrastructure, allowing a low-privileged attacker with network access via HTTP to manipulate critical data. Attackers can exploit this issue to create, delete, or modify sensitive data, leading to unauthorized access to all accessible data within Oracle Financial Services Analytical Applications Infrastructure. This vulnerability poses a significant risk to data confidentiality and integrity, making it essential for organizations to apply the necessary patches.

Affected Version(s)

Oracle Financial Services Analytical Applications Infrastructure 8.0.7.9

Oracle Financial Services Analytical Applications Infrastructure 8.0.8.7

Oracle Financial Services Analytical Applications Infrastructure 8.1.2.5

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34314 Data

JSON