CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-10103
https://notcve.org/view.php?id=CVE-2017-10103
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Private Banking accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99750 http://www.securitytracker.com/id/1038934 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-10006
https://notcve.org/view.php?id=CVE-2017-10006
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Private Banking accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99716 http://www.securitytracker.com/id/1038934 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-10012
https://notcve.org/view.php?id=CVE-2017-10012
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Operations). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Private Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Private Banking accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99862 http://www.securitytracker.com/id/1038934 •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-10008
https://notcve.org/view.php?id=CVE-2017-10008
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Private Banking accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/100266 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-10011
https://notcve.org/view.php?id=CVE-2017-10011
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle FLEXCUBE Private Banking executes to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Private Banking accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99675 http://www.securitytracker.com/id/1038934 •