CVE-2022-21544
4 documents4 sources
Severity
7.1HIGH
EPSS
1.4%
top 19.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedJul 19
Latest updateJul 20
Description
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-925h-263v-w34r: Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)↗2022-07-20
CVEList▶
CVE-2022-21544: Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)↗2022-07-19
📋Vendor Advisories
1Oracle▶
Oracle Oracle Financial Services Applications Risk Matrix: Infrastructure — CVE-2022-21544↗2022-07-15