CVE-2019-2846
CVE-2019-2846
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
23 jul 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Produtos afetados
Oracle Corporation · FLEXCUBE Investor Servicing