CVE-2022-21474

Name of the Vulnerable Software and Affected Versions Oracle Banking Trade Finance version 14.5

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized creation, deletion, or modification access to critical data, as well as unauthorized read access to a subset of Oracle Banking Trade Finance accessible data. Additionally, it can cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance.

Recommendations For version 14.5, update to a version that includes the fix for this issue, as no specific workaround is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.