CVE Vulnerabilities

CVE-2019-2793

Published: Jul 23, 2019 | Modified: Aug 24, 2020
CVSS 3.x
3.5
LOW
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.1-12.0.3, 12.1.0-12.4.0 and 14.0.0-14.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.0 Base Score 3.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).

Affected Software

Name Vendor Start Version End Version
Flexcube_universal_banking Oracle 12.0.1 (including) 12.0.3 (including)
Flexcube_universal_banking Oracle 12.1.0 (including) 12.4.0 (including)
Flexcube_universal_banking Oracle 14.0.0 (including) 14.2.0 (including)

References