Main Vulnerability Database Vulnerabilities #VU1049

Privilege escalation in Oracle Financial Services Software and Oracle FLEXCUBE Universal Banking - CVE-2016-5607

Published: October 19, 2016 / Updated: January 4, 2017

Vulnerability identifier: #VU1049

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2016-5607

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Financial Services Software
Oracle FLEXCUBE Universal Banking

Detailed vulnerability description

The vulnerability allows a remote authenticated user to gain elevated privileges on the target system.
The weakness is caused by a flaw in the Oracle FLEXCUBE Universal Banking INFRA component and lets attacker increase his privileges.
Successful exploitation of the vulnerability results in privilege escalation on the vulnerable system.

Privilege escalation in Oracle Financial Services Software and Oracle FLEXCUBE Universal Banking - CVE-2016-5607

Detailed vulnerability description

How to mitigate CVE-2016-5607

Sources

Privilege escalation in Oracle Financial Services Software and Oracle FLEXCUBE Universal Banking - CVE-2016-5607

Detailed vulnerability description

How to mitigate CVE-2016-5607

Sources

Please verify you're human