PT-2019-16497 · Oracle · Oracle Flexcube Universal Banking

Published

2019-07-23

Updated

2020-08-24

CVE-2019-2793

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Oracle FLEXCUBE Universal Banking versions 12.0.1 through 12.4.0 Oracle FLEXCUBE Universal Banking versions 14.0.0 through 14.2.0

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. This requires human interaction from a person other than the attacker and can result in unauthorized ability to cause a partial denial of service of Oracle FLEXCUBE Universal Banking.

Recommendations For versions 12.0.1 through 12.4.0, update to a version outside of the affected range to resolve the issue. For versions 14.0.0 through 14.2.0, update to a version outside of the affected range to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-2793

Affected Products

Oracle Flexcube Universal Banking

PT-2019-16497 · Oracle · Oracle Flexcube Universal Banking

CVE-2019-2793

Related Identifiers

Affected Products

References · 3