oracle financial-services-data-foundation CVE-2020-2964 is a vulnerability in Oracle Financial Services Data Foundation
Published on April 15, 2020

Vulnerability in the Oracle Financial Services Data Foundation product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6 - 8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Data Foundation. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Data Foundation accessible data as well as unauthorized read access to a subset of Oracle Financial Services Data Foundation accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).

NVD


Products Associated with CVE-2020-2964

Want to know whenever a new CVE is published for Oracle Financial Services Data Foundation? stack.watch will email you.

Oracle Financial Services Data Foundation
 

Affected Versions

Oracle Corporation Financial Services Data Foundation Version 8.0.6 - 8.0.9 is affected by CVE-2020-2964

Exploit Probability

EPSS
0.38%
Percentile
59.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.