Skip to main content

Banking Corporate Lending CVE-2020-2719

MEDIUM
2020-01-15 secalert_us@oracle.com
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jan 15, 2020 - 17:15 nvd
MEDIUM 4.3

DescriptionNVD

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

AnalysisAI

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). Affected products include: Oracle Banking Corporate Lending.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-3778 MEDIUM POC
6.5 Mar 07

Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0

CVE-2018-2706 HIGH
8.8 Jan 18

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2018-3050 HIGH
8.1 Jul 18

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2018-2707 HIGH
8.1 Jan 18

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2020-2718 HIGH
7.1 Jan 15

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core

CVE-2018-2746 HIGH
7.1 Apr 19

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2020-14894 MEDIUM
6.5 Oct 21

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core

CVE-2020-2716 MEDIUM
6.5 Jan 15

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core

CVE-2018-3040 MEDIUM
6.5 Jul 18

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2018-2747 MEDIUM
6.5 Apr 19

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2018-3036 MEDIUM
6.3 Jul 18

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

CVE-2018-2895 MEDIUM
6.1 Jul 18

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent:

Share

CVE-2020-2719 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy