Vulnerabilities > Oracle > Financial Services Analytical Applications Infrastructure

DATE CVE VULNERABILITY TITLE RISK
2020-11-12 CVE-2019-17566 Server-Side Request Forgery (SSRF) vulnerability in multiple products
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes.
network
low complexity
apache oracle CWE-918
7.5
7.5
2020-10-01 CVE-2020-11979 As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them.
network
low complexity
apache gradle fedoraproject oracle
7.5
7.5
2020-09-19 CVE-2020-5421 In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
network
high complexity
vmware oracle netapp
6.5
6.5
2020-07-15 CVE-2020-14685 Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
6.5
6.5
2020-07-15 CVE-2020-14684 Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
4.3
4.3
2020-07-15 CVE-2020-14662 Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
6.3
6.3
2020-07-15 CVE-2020-14615 Cross-site Scripting vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle CWE-79
6.1
6.1
2020-07-15 CVE-2020-14605 Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
6.5
6.5
2020-07-15 CVE-2020-14604 Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
5.3
5.3
2020-07-15 CVE-2020-14603 Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
5.3
5.3