Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). The supported version that is affected is 14.5.0.12.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Liquidity Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Banking Liquidity Management. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
History

Fri, 18 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Wed, 16 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
Title Reports: From CVEorg collector
References
Metrics threat_severity

None

threat_severity

Important


Tue, 15 Oct 2024 22:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 15 Oct 2024 20:00:00 +0000

Type Values Removed Values Added
Description Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). The supported version that is affected is 14.5.0.12.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Liquidity Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Banking Liquidity Management. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
First Time appeared Oracle
Oracle banking Liquidity Management
CPEs cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.12.0:*:*:*:*:*:*:*
Vendors & Products Oracle
Oracle banking Liquidity Management
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2024-10-15T19:53:03.465Z

Updated: 2024-10-15T21:46:08.660Z

Reserved: 2023-12-07T22:28:10.707Z

Link: CVE-2024-21285

cve-icon Vulnrichment

Updated: 2024-10-15T21:21:49.574Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-15T20:15:21.447

Modified: 2024-10-18T16:46:27.283

Link: CVE-2024-21285

cve-icon Redhat

Severity : Important

Publid Date: 2024-10-15T19:53:03Z

Links: CVE-2024-21285 - Bugzilla