CVE-2016-8323

Published: Jan 27, 2017Modified: May 13, 2026

5.4

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.5

Source: NVD

Description

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Core Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Core Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Core Banking accessible data. CVSS v3.0 Base Score 5.4 (Confidentiality and Integrity impacts).

Affected (3)

Products: Oracle: Flexcube Core Banking

1 product

Flexcube Core Banking

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Flexcube Core Banking	Version 11.5.0
Oracle Flexcube Core Banking	Version 5.1.0
Oracle Flexcube Core Banking	Version 5.2.0

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.securityfocus.com/bid/95556

Source: secalert_us@oracle.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037636

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/95556

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037636

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.