Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2018/01/24 12:0 a.m.121 views

Oracle Financial Services Analytical Applications 7.3.5.x / 8.0.x XXE Injection / XSS

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & Reflected XSS product: Oracle Financial Services Analytical Applications vulnerable version: 7.3.5.x, 8.0.x fixed version: Oracle CPU January 2018 CVE number:...

7.1AI score0.01308EPSS
Exploits3
NVD
NVD
added 2018/01/18 2:29 a.m.39 views

CVE-2018-2660

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network...

7.4CVSS6.6AI score0.01055EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2018/01/18 2:0 a.m.3 views

CVE-2018-2660

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network...

5.5AI score0.01055EPSS
Exploits3References3
CVE
CVE
added 2018/01/18 2:0 a.m.54 views

CVE-2018-2660

CVE-2018-2660 affects Oracle Financial Services Analytical Applications Infrastructure (OFSAA) Core in 7.3.5.x and 8.0.x. The issue is an XML External Entity (XXE) injection via XML import, enabling a low-privilege, network-access attacker to read data and potentially cause partial DOS; exploit e...

7.4CVSS6.8AI score0.01055EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder