Oracle Banking Corporate Lending vulnerabilities

24 known vulnerabilities affecting oracle/banking_corporate_lending.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH5MEDIUM19

Vulnerabilities

Page 1 of 2

CVE-2020-14894MEDIUMCVSS 6.5≥ 14.0.0, ≤ 14.4.0v12.3.02020-10-21

CVE-2020-14894 [MEDIUM] CVE-2020-14894: Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0 and 14.0.0-14.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this v

nvd

CVE-2020-2718HIGHCVSS 7.1≥ 12.3.0, ≤ 12.4.0≥ 14.0.0, ≤ 14.3.02020-01-15

CVE-2020-2718 [HIGH] CVE-2020-2718: Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of thi

nvd

CVE-2020-2719MEDIUMCVSS 4.3≥ 12.3.0, ≤ 12.4.0≥ 14.0.0, ≤ 14.3.02020-01-15

CVE-2020-2719 [MEDIUM] CVE-2020-2719: Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of t

nvd

CVE-2020-2715MEDIUMCVSS 5.4≥ 12.3.0, ≤ 12.4.0≥ 14.0.0, ≤ 14.3.02020-01-15

CVE-2020-2715 [MEDIUM] CVE-2020-2715: Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of t

nvd

CVE-2020-2717MEDIUMCVSS 5.4≥ 14.0.0, ≤ 14.3.0v12.3.0+1 more2020-01-15

CVE-2020-2717 [MEDIUM] CVE-2020-2717: Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks req

nvd

CVE-2020-2716MEDIUMCVSS 6.5≥ 14.0.0, ≤ 14.3.0v12.3.0+1 more2020-01-15

CVE-2020-2716 [MEDIUM] CVE-2020-2716: Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of t

nvd

CVE-2019-11269MEDIUMCVSS 5.4PoCv14.1.0v14.3.0+1 more2019-06-12

CVE-2019-11269 [MEDIUM] CWE-601 CVE-2019-11269: Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 p Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code gr

nvd

CVE-2019-3778MEDIUMCVSS 6.5PoCv14.1.0v14.3.0+1 more2019-03-07

CVE-2019-3778 [MEDIUM] CWE-601 CVE-2019-3778: Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code gra

nvd

CVE-2018-3050HIGHCVSS 8.1v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3050 [HIGH] CVE-2018-3050: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Suc

nvd

CVE-2018-3036MEDIUMCVSS 6.3v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3036 [MEDIUM] CVE-2018-3036: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. S

nvd

CVE-2018-3038MEDIUMCVSS 5.3v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3038 [MEDIUM] CVE-2018-3038: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending.

nvd

CVE-2018-2895MEDIUMCVSS 6.1v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-2895 [MEDIUM] CVE-2018-2895: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending.

nvd

CVE-2018-3046MEDIUMCVSS 5.3v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3046 [MEDIUM] CVE-2018-3046: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending.

nvd

CVE-2018-3044MEDIUMCVSS 5.4v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3044 [MEDIUM] CVE-2018-3044: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. S

nvd

CVE-2018-3040MEDIUMCVSS 6.5v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3040 [MEDIUM] CVE-2018-3040: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. S

nvd

CVE-2018-3042MEDIUMCVSS 5.4v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3042 [MEDIUM] CVE-2018-3042: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. S

nvd

CVE-2018-3048MEDIUMCVSS 5.4v12.3.0v12.4.0+3 more2018-07-18

CVE-2018-3048 [MEDIUM] CVE-2018-3048: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. S

nvd

CVE-2018-2746HIGHCVSS 7.1v12.3.0v12.4.0+2 more2018-04-19

CVE-2018-2746 [HIGH] CVE-2018-2746: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful

nvd

CVE-2018-2747MEDIUMCVSS 6.5v12.3.0v12.4.0+2 more2018-04-19

CVE-2018-2747 [MEDIUM] CVE-2018-2747: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successfu

nvd

CVE-2018-2748MEDIUMCVSS 6.1v12.3.0v12.4.0+2 more2018-04-19

CVE-2018-2748 [MEDIUM] CVE-2018-2748: Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applica Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successf

nvd

1 / 2Next →