Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: System Configuration). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Financial Services Analytical Applications Infrastructure. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service
CVSS Vector v3.1
Weakness Type (CWE)
Vulnerable Products 3
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Oracle Financial_Services_Analytical_Applications_Infrastructure
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.9.0:*:*:*:*:*:*:*
|
— | — |
|
Oracle Financial_Services_Analytical_Applications_Infrastructure
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.7.0:*:*:*:*:*:*:*
|
— | — |
|
Oracle Financial_Services_Analytical_Applications_Infrastructure
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5.0:*:*:*:*:*:*:*
|
— | — |