CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-8304
https://notcve.org/view.php?id=CVE-2016-8304
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Universal Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html http://www.securityfocus.com/bid/95550 http://www.securitytracker.com/id/1037636 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-8310
https://notcve.org/view.php?id=CVE-2016-8310
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html http://www.securityfocus.com/bid/95545 http://www.securitytracker.com/id/1037636 • CWE-254: 7PK - Security Features •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2016-5594
https://notcve.org/view.php?id=CVE-2016-5594
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA. Vulnerabilidad no especificada en el componente Oracle FLEXCUBE Universal Banking en Oracle Financial Services Applications 11.3.0, 11.4.0 y 12.0.1 hasta la versión 12.0.3 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores relacionados con INFRA. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93616 http://www.securitytracker.com/id/1037049 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-5502
https://notcve.org/view.php?id=CVE-2016-5502
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to INFRA. Vulnerabilidad no especificada en el componente Oracle FLEXCUBE Universal Banking en Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 hasta la versión 12.0.3 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores relacionados con INFRA. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93656 http://www.securitytracker.com/id/1037049 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-5622
https://notcve.org/view.php?id=CVE-2016-5622
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA. Vulnerabilidad no especificada en el componente Oracle FLEXCUBE Universal Banking en Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 hasta la versión 12.0.3, 12.1.0 y 12.2.0 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores relacionados con INFRA. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93666 http://www.securitytracker.com/id/1037049 • CWE-284: Improper Access Control •