← Back

CVE-2018-2728

nvd nist
Published: Jan 18, 2018Modified: Nov 21, 2024

JSON object

Loading...
6.1
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD

Description

Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Funds Transfer Pricing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Funds Transfer Pricing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Funds Transfer Pricing accessible data as well as unauthorized read access to a subset of Oracle Financial Services Funds Transfer Pricing accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

Affected (13)

Oracle
1 product
Financial Services Funds Transfer Pricing
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Financial Services Funds Transfer Pricing
Version 6.1.0.0.0
Financial Services Funds Transfer Pricing
Version 6.1.0.2.2
Financial Services Funds Transfer Pricing
Version 6.1.1.0.0
Financial Services Funds Transfer Pricing
Version 8.0.0.0.0
Financial Services Funds Transfer Pricing
Version 8.0.0.1.0
Financial Services Funds Transfer Pricing
Version 8.0.1.0.0
Financial Services Funds Transfer Pricing
Version 8.0.2.0.0
Financial Services Funds Transfer Pricing
Version 8.0.3.0.0
Financial Services Funds Transfer Pricing
Version 8.0.3.0.1
Financial Services Funds Transfer Pricing
Version 8.0.3.0.2
Financial Services Funds Transfer Pricing
Version 8.0.3.0.3
Financial Services Funds Transfer Pricing
Version 8.0.4.0.0
Financial Services Funds Transfer Pricing
Version 8.0.5.0.0

References (6)

Source: secalert_us@oracle.com
PatchVendor Advisory
Source: secalert_us@oracle.com
Third Party AdvisoryVDB Entry
Source: secalert_us@oracle.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.