CVE-2023-22125

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 17, 2023
Updated: Oct 23, 2023

Summary

CVE-2023-22125 is a vulnerability affecting Oracle Banking Trade Finance, a component of Oracle Financial Services Applications. Affected versions include 14.5 to 14.7. This issue is classified as easily exploitable, allowing a low-privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks necessitate human interaction and may lead to unauthorized data access, including update, insert, and delete capabilities for some information, as well as unauthorized read access for a subset of the data. The scope of impact may extend beyond Oracle Banking Trade Finance. The CVSS Base Score is 5.4, with impacts on confidentiality and integrity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share