Vulnerabilities > Oracle > Flexcube Private Banking > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-27 | CVE-2020-9488 | Improper Certificate Validation vulnerability in multiple products Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. | 3.7 |
| 2020-01-17 | CVE-2020-5397 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. | 2.6 |
| 2017-01-27 | CVE-2016-8300 | Improper Access Control vulnerability in Oracle Flexcube Private Banking 12.0.1/2.0.1/2.2.0 Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). | 3.5 |
| 2017-01-27 | CVE-2016-8313 | Information Exposure vulnerability in Oracle Flexcube Private Banking 12.0.1/2.0.1/2.2.0 Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). | 3.5 |