Rewterz Threat Advisory – Oracle Enterprise Manager for Virtualization Multiple Vulnerabilities
January 17, 2019Rewterz Threat Advisory – CVE-2018-15439 – Cisco Small Business Switches Privileged Access Vulnerability
January 21, 2019Rewterz Threat Advisory – Oracle Enterprise Manager for Virtualization Multiple Vulnerabilities
January 17, 2019Rewterz Threat Advisory – CVE-2018-15439 – Cisco Small Business Switches Privileged Access Vulnerability
January 21, 2019SEVERITY: High
ANALYSIS SUMMARY
Multiple vulnerabilities have been reported in Oracle FLEXCUBE Direct Banking, which can be exploited by malicious people to disclose sensitive information and manipulate certain data.
1) An error within the “Logoff Page” sub-component can be exploited to disclose, update, insert, or delete certain data.
2) Another different error within the “Logoff Page” sub-component can be exploited to update, insert, or delete certain data.
AFFECTED PRODUCTS
Oracle FLEXCUBE Direct Banking 12.x
IMPACT
- Exposure of sensitive information
- Manipulation of data
REMEDIATION
Apply update.
If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com.