CVE-2021-2448 in Financial Services Crime and Compliance Investigation Hub情報

要約

〜によって MITRE • 2021年07月21日

Vulnerability in the Oracle Financial Services Crime and Compliance Investigation Hub product of Oracle Financial Services Applications (component: Reports). The supported version that is affected is 20.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Financial Services Crime and Compliance Investigation Hub executes to compromise Oracle Financial Services Crime and Compliance Investigation Hub. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Crime and Compliance Investigation Hub, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Crime and Compliance Investigation Hub accessible data as well as unauthorized read access to a subset of Oracle Financial Services Crime and Compliance Investigation Hub accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

責任者

Oracle

予約する

2020年12月09日

モデレーション

承諾済み

エントリ

VDB-179075

EPSS

0.00287

アクティビティ

非常低い

ソース

Interested in the pricing of exploits?

See the underground prices here!