CVE-2018-2706

Name of the Vulnerable Software and Affected Versions Oracle Banking Corporate Lending versions 12.3.0 through 12.4.0

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending, potentially resulting in a takeover. This can be achieved due to an easily exploitable vulnerability in the Core module of the Oracle Banking Corporate Lending component.

Recommendations For versions 12.3.0 and 12.4.0, update to a version that includes a fix for this issue to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.