6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.9%
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data as well as unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Corporate Lending. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | banking_corporate_lending | * | cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:* |
oracle | banking_corporate_lending | * | cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:* |
oracle | banking_corporate_lending | * | cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:* |
oracle | banking_corporate_lending | * | cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:* |
oracle | banking_corporate_lending | * | cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:* |
[
{
"product": "Banking Corporate Lending",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "12.3.0"
},
{
"status": "affected",
"version": "12.4.0"
},
{
"status": "affected",
"version": "12.5.0"
},
{
"status": "affected",
"version": "14.0.0"
},
{
"status": "affected",
"version": "14.1.0"
}
]
}
]
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.9%