Oracle FSA Application Infra UI Remote Exploit 8.0.7.98.1.2.5 (CVE202634321)
CVE-2026-34321 Published on April 21, 2026
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N).
Vulnerability Analysis
CVE-2026-34321 can be exploited with network access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-34321 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2026-34321
stack.watch emails you whenever new vulnerabilities are published in Oracle or Oracle Financial Services Analytical Applications Infrastructure. Just hit a watch button to start following.
Affected Versions
Oracle Corporation Oracle Financial Services Analytical Applications Infrastructure:- Version 8.0.7.9 is affected.
- Version 8.0.8.7 is affected.
- Version 8.1.2.5 is affected.