Main Vulnerability Database Vulnerabilities #VU1060

Information disclosure in Oracle Financial Services Software and Oracle FLEXCUBE Universal Banking - CVE-2016-5621

Published: October 24, 2016 / Updated: January 5, 2017

Vulnerability identifier: #VU1060

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2016-5621

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Financial Services Software
Oracle FLEXCUBE Universal Banking

Detailed vulnerability description

The vulnerability allows a remote authenticated user to access data on the target system.
The weakness is caused by a flaw in the Oracle FLEXCUBE Universal Banking INFRA component and lets attacker obtain arbitrary files.
Successful exploitation of the vulnerability results in disclosure of information on the vulnerable system.

Information disclosure in Oracle Financial Services Software and Oracle FLEXCUBE Universal Banking - CVE-2016-5621

Detailed vulnerability description

How to mitigate CVE-2016-5621

Sources

Information disclosure in Oracle Financial Services Software and Oracle FLEXCUBE Universal Banking - CVE-2016-5621

Detailed vulnerability description

How to mitigate CVE-2016-5621

Sources

Please verify you're human