CVE-2020-2720

CVE-2020-2720 affects Oracle FLEXCUBE Investor Servicing (Oracle Financial Services Applications), specifically the Infrastructure component, with affected versions 12.1.0-12.4.0 and 14.0.0-14.1.0. The vulnerability enables a low-privilege, unauthenticated or minimally authenticated attacker with...

CVE-2020-2724

CVE-2020-2724 affects Oracle FLEXCUBE Investor Servicing (Oracle Financial Services Applications), specifically the Infrastructure component. AFFECTED VERSIONS: 12.1.0–12.4.0 and 14.0.0–14.1.0. ROOT CAUSE: a low-privilege, network-accessible (HTTP) vulnerability that can lead to unauthorized read...

CVE-2020-2684

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2020-2699

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2020-2684

CVE-2020-2684 affects Oracle FLEXCUBE Universal Banking (Infrastructure). Affected versions are 12.0.1–12.4.0 and 14.0.0–14.3.0. The vulnerability is exploitable by a low-privileged attacker with network access via HTTP and can lead to unauthorized access to critical data or the entire Oracle FLE...

CVE-2020-2685

The CVE-2020-2685 entry concerns Oracle FLEXCUBE Universal Banking (Infrastructure) with affected versions 12.0.1–12.4.0 and 14.0.0–14.3.0. The vulnerability supports network access via HTTP and is exploitable by an unauthenticated attacker, though user interaction is required (UI: Required). The...

CVE-2020-2699

CVE-2020-2699 affects Oracle FLEXCUBE Universal Banking (component: Infrastructure). Vulnerable versions: 12.0.1–12.4.0 and 14.0.0–14.3.0. Low-privileged attacker with network access via HTTP can compromise Oracle FLEXCUBE Universal Banking, potentially leading to unauthorized access to critical ...

CVE-2020-2700

CVE-2020-2700 affects Oracle FLEXCUBE Universal Banking (Infrastructure) with affected versions 12.0.1–12.4.0 and 14.0.0–14.3.0. The vulnerability allows a low-privileged attacker with network access via HTTP to read a subset of data from the system. The root cause and exact vulnerable component ...

CVE-2020-2683

The CVE-2020-2683 entry concerns Oracle FLEXCUBE Universal Banking (Oracle Financial Services Applications), specifically the Infrastructure component. Affected versions are 12.0.1–12.4.0 and 14.0.0–14.3.0. The vulnerability allows a low-privileged, network-attached attacker (HTTPS) to read and m...

Oracle January 2020 Critical Patch Update Multiple Vulnerabilities

Description Oracle has released advance notification regarding the January 2020 Critical Patch Update CPU to be released on January 14, 2020. The update addresses 333 vulnerabilities affecting the following software: Oracle Database Server, versions 12.2.0.1, 18c, 19c Oracle Communications Design...

CVE-2019-2979

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Payments. Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2019-2979

CVE-2019-2979 is a vulnerability in Oracle FLEXCUBE Direct Banking (Payments) affecting 12.0.2 and 12.0.3. The issue allows a low-privileged, network-accessible attacker (via HTTP) to compromise the product, with successful exploits requiring user interaction from someone other than the attacker....

CVE-2019-2840

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1-12.0.3, 12.1.0-12.4.0 and 14.0.0-14.2.0. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2019-2846

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows...

CVE-2019-2847

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low...

CVE-2019-2845

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low...

CVE-2019-2794

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1-12.0.3, 12.1.0-12.4.0 and 14.0.0-14.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

Design/Logic Flaw

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1-12.0.3, 12.1.0-12.4.0 and 14.0.0-14.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

Design/Logic Flaw

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1-12.0.3, 12.1.0-12.4.0 and 14.0.0-14.2.0. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2019-2843

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low...