Vulnerabilities > CVE-2021-2448 - Unspecified vulnerability in Oracle Financial Services Crime and Compliance Investigation HUB 20.1.2

047910
CVSS 3.7 - LOW
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
HIGH
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
local
high complexity
oracle

Summary

Vulnerability in the Oracle Financial Services Crime and Compliance Investigation Hub product of Oracle Financial Services Applications (component: Reports). The supported version that is affected is 20.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Financial Services Crime and Compliance Investigation Hub executes to compromise Oracle Financial Services Crime and Compliance Investigation Hub. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Crime and Compliance Investigation Hub, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Crime and Compliance Investigation Hub accessible data as well as unauthorized read access to a subset of Oracle Financial Services Crime and Compliance Investigation Hub accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N).

Vulnerable Configurations

Part Description Count
Application
Oracle
1