Rewterz

Rewterz Threat Advisory – Oracle Enterprise Manager for Virtualization Multiple Vulnerabilities

January 17, 2019
Rewterz

Rewterz Threat Advisory – CVE-2018-15439 – Cisco Small Business Switches Privileged Access Vulnerability

January 21, 2019

Rewterz Threat Advisory – CVE-2019-2550 & CVE-2019-2549 – Oracle FLEXCUBE Direct Banking “Logoff Page” Vulnerabilities

SEVERITY: High

 

 

ANALYSIS SUMMARY

 

 

Multiple vulnerabilities have been reported in Oracle FLEXCUBE Direct Banking, which can be exploited by malicious people to disclose sensitive information and manipulate certain data.

1) An error within the “Logoff Page” sub-component can be exploited to disclose, update, insert, or delete certain data.

2) Another different error within the “Logoff Page” sub-component can be exploited to update, insert, or delete certain data.

 

 

AFFECTED PRODUCTS

 

 

Oracle FLEXCUBE Direct Banking 12.x

 

 

IMPACT

 

 

  • Exposure of sensitive information
  • Manipulation of data

 

 

REMEDIATION 

 

 

Apply update.

https://support.oracle.com

 

If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.