PT-2026-3720 · Oracle · Oracle Flexcube Investor Servicing

Kritnarong Samertung

Publicado

2026-01-20

Atualizado

2026-02-02

CVE-2026-21973

CVSS v3.1

8.1

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Oracle FLEXCUBE Investor Servicing versions 14.5.0.15.0 through 14.8.0.1.0

Description A security issue exists within the Security Management System component of the Oracle FLEXCUBE Investor Servicing product. A low-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized data modification, deletion, or creation, potentially granting access to critical or all accessible data.

Recommendations Update Oracle FLEXCUBE Investor Servicing version 14.5.0.15.0 to a later version. Update Oracle FLEXCUBE Investor Servicing version 14.7.0.8.0 to a later version. Update Oracle FLEXCUBE Investor Servicing version 14.8.0.1.0 to a later version.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2026-21973

Produtos afetados

Oracle Flexcube Investor Servicing

PT-2026-3720 · Oracle · Oracle Flexcube Investor Servicing

CVE-2026-21973

Identificadores relacionados

Produtos afetados

Referências · 5