← Back

CVE-2016-8311

nvd nist
Published: Jan 27, 2017Modified: May 13, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS v3.0 Base Score 6.5 (Confidentiality impacts).

Affected (7)

Oracle
1 product
Flexcube Universal Banking
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Flexcube Universal Banking
Version 11.3.0
Flexcube Universal Banking
Version 11.4.0
Flexcube Universal Banking
Version 12.0.1
Flexcube Universal Banking
Version 12.0.2
Flexcube Universal Banking
Version 12.0.3
Flexcube Universal Banking
Version 12.1.0
Flexcube Universal Banking
Version 12.2.0

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

Source: secalert_us@oracle.com
PatchVendor Advisory
Source: secalert_us@oracle.com
Third Party AdvisoryVDB Entry
Source: secalert_us@oracle.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.