Oracle Flexcube Direct Banking vulnerabilities

CVE-2021-2141 [LOW] CVE-2021-2141: Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Supported versions that are affected are 12.0.2 and 12.0.3. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require hum

CVE-2020-14897 [MEDIUM] CVE-2020-14897: Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Supported versions that are affected are 12.0.1, 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks requir

CVE-2020-14890 [MEDIUM] CVE-2020-14890: Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Supported versions that are affected are 12.0.1, 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks requir

CVE-2019-2979 [MEDIUM] CVE-2019-2979: Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Payments). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human inte

CVE-2019-2980 [MEDIUM] CVE-2019-2980: Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: eMail). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks of this vulnerability

CVE-2019-2550 [MEDIUM] CVE-2019-2550: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human inter

CVE-2019-2549 [MEDIUM] CVE-2019-2549: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human inter

CVE-2018-2674 [MEDIUM] CVE-2018-2674: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human

CVE-2017-10181 [MEDIUM] CVE-2017-10181: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Forgot Password). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks requ

CVE-2017-3495 [MEDIUM] CVE-2017-3495: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Pre-Login). Supported versions that are affected are 12.0.2 and 12.0.3. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require h

CVE-2017-3297 [MEDIUM] CVE-2017-3297: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Framework). Supported versions that are affected are 12.0.2 and 12.0.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks of this vu

CVE-2017-3245 [MEDIUM] CWE-200 CVE-2017-3245: Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applicati Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Pre-Login). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks req

CVE-2016-3589 [MEDIUM] CVE-2016-3589: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Applications 12.0.1, 12.0.2, and 12.0.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CVE-2016-0699 [CRITICAL] CVE-2016-0699: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component.

CVE-2016-3464 [MEDIUM] CVE-2016-3464: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to Accounts.

CVE-2016-0672 [MEDIUM] CVE-2016-0672: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login.

CVE-2016-3463 [MEDIUM] CVE-2016-3463: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login.