CVE

CVE-2017-3483

Date: (C)2017-04-26   (M)2023-12-22

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows high privileged attacker with logon to the infrastructure where Oracle FLEXCUBE Enterprise Limits and Collateral Management executes to compromise Oracle FLEXCUBE Enterprise Limits and Collateral Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Enterprise Limits and Collateral Management accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 4.4		CVSS Score : 4.9
Exploit Score: 0.8		Exploit Score: 3.9
Impact Score: 3.6		Impact Score: 6.9
CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: LOCAL		Access Vector: LOCAL
Attack Complexity: LOW		Access Complexity: LOW
Privileges Required: HIGH		Authentication: NONE
User Interaction: NONE		Confidentiality: COMPLETE
Scope: UNCHANGED		Integrity: NONE
Confidentiality: HIGH		Availability: NONE
Integrity: NONE
Availability: NONE

Reference:

SECTRACK-1038304

BID-97846

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html