Main Vulnerability Database Vulnerabilities #VU27200

Improper input validation in Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management - CVE-2020-2945

Published: April 23, 2020

Vulnerability identifier: #VU27200

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-2945

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management

Detailed vulnerability description

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the User Interfaces component in Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management. A remote authenticated user can exploit this vulnerability to read and manipulate data.

How to mitigate CVE-2020-2945

Install updates from vendor's website.

Sources

https://www.oracle.com/security-alerts/cpuapr2020.html

Improper input validation in Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management - CVE-2020-2945

Detailed vulnerability description

How to mitigate CVE-2020-2945

Sources

Please verify you're human