CVE-2023-22124

4 documents4 sources
Severity
5.4MEDIUM
EPSS
0.2%
top 60.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Banking Trade FinanceOracle Banking Trade Finance
Timeline
PublishedOct 17
Latest updateOct 18

Description

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Banking Trade Finance, attacks may significantly impact ad

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

NVDoracle/banking_trade_finance14.514.7

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-jhcx-vwjq-7w4c: Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure)2023-10-18
CVEList
CVE-2023-22124: Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure)2023-10-17

📋Vendor Advisories

1
Oracle
Oracle Oracle Financial Services Applications Risk Matrix: Infrastructure — CVE-2023-221242023-10-15
CVE-2023-22124 (MEDIUM CVSS 5.4) | Vulnerability in the Oracle Banking | cvebase.io