CVE-2017-3475
MEDIUMOracle Flexcube Private Banking - Denial of Service
Title source: ruleDescription
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. While the vulnerability is in Oracle FLEXCUBE Private Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Private Banking. CVSS 3.0 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L).
Scores
CVSS v3
5.0
EPSS
0.0039
EPSS Percentile
60.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
Classification
Status
published
Affected Products (8)
oracle/flexcube_private_banking
oracle/flexcube_private_banking
oracle/flexcube_private_banking
oracle/flexcube_private_banking
Oracle Corporation/FLEXCUBE Private Banking
< 2.0.0
Oracle Corporation/FLEXCUBE Private Banking
< 2.0.1
Oracle Corporation/FLEXCUBE Private Banking
< 2.2.0.1
Oracle Corporation/FLEXCUBE Private Banking
< 12.0.1
Timeline
Published
Apr 24, 2017
Tracked Since
Feb 18, 2026