- Description
- Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component.
- Source
- secalert_us@oracle.com
- NVD status
- Modified
CVSS 3.0
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 9.4
- Impact score
- 9.2
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:flexcube_direct_banking:12.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC13CF11-2880-41FA-9534-7874904FDD82"
},
{
"criteria": "cpe:2.3:a:oracle:flexcube_direct_banking:12.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA84D97F-A400-4D39-B60A-63F3407E2B68"
}
],
"operator": "OR"
}
]
}
]