CVE-2021-2141

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Pre Login. Supported versions that are affected are 12.0.2 and 12.0.3. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromi...

CVE-2021-2323

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Flex-Branch. Supported versions that are affected are 12.3, 12.4, 14.0-14.4 and . Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2020-14887

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3.0 and 14.0.0-14.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2020-2700

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2020-2685

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT...

CVE-2020-14890

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Pre Login. Supported versions that are affected are 12.0.1, 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2020-2722

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

CVE-2020-2683

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2020-14897

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Pre Login. Supported versions that are affected are 12.0.1, 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2019-2979

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Payments. Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2019-2846

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows...

CVE-2019-2845

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low...

CVE-2019-2841

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low...

CVE-2019-2980

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: eMail. Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2022-21544

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTT...

CVE-2020-14569

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2020-2699

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2020-2723

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HT...

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in several Financial Services applications. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Remote code execution...

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system allows a perpetrator to gain access to read, modify, add, or delete data, or to cause service interruptions.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or delete data, or to cause service...