Request a Demo
Rewterz
Rewterz Threat Advisory – Oracle Enterprise Manager for Virtualization Multiple Vulnerabilities
January 17, 2019
Rewterz
Rewterz Threat Advisory – CVE-2018-15439 – Cisco Small Business Switches Privileged Access Vulnerability
January 21, 2019

Rewterz Threat Advisory – CVE-2019-2550 & CVE-2019-2549 – Oracle FLEXCUBE Direct Banking “Logoff Page” Vulnerabilities

SEVERITY: High

 

 

ANALYSIS SUMMARY

 

 

Multiple vulnerabilities have been reported in Oracle FLEXCUBE Direct Banking, which can be exploited by malicious people to disclose sensitive information and manipulate certain data.

1) An error within the “Logoff Page” sub-component can be exploited to disclose, update, insert, or delete certain data.

2) Another different error within the “Logoff Page” sub-component can be exploited to update, insert, or delete certain data.

 

 

AFFECTED PRODUCTS

 

 

Oracle FLEXCUBE Direct Banking 12.x

 

 

IMPACT

 

 

  • Exposure of sensitive information
  • Manipulation of data

 

 

REMEDIATION 

 

 

Apply update.

https://support.oracle.com

 

If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com.