CVE-2017-3483

MEDIUM

Oracle FLEXCUBE <12.1.0 - Privilege Escalation

Title source: llm

Description

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows high privileged attacker with logon to the infrastructure where Oracle FLEXCUBE Enterprise Limits and Collateral Management executes to compromise Oracle FLEXCUBE Enterprise Limits and Collateral Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Enterprise Limits and Collateral Management accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

References (3)

Scores

CVSS v3 4.4
EPSS 0.0015
EPSS Percentile 35.1%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Classification

Status published

Affected Products (4)

oracle/flexcube_enterprise_limits_and_collateral_management
oracle/flexcube_enterprise_limits_and_collateral_management
Oracle Corporation/FLEXCUBE Enterprise Limits and Collateral Management < 12.0.0
Oracle Corporation/FLEXCUBE Enterprise Limits and Collateral Management < 12.1.0

Timeline

Published Apr 24, 2017
Tracked Since Feb 18, 2026