April 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory –Multiple Oracle PeopleSoft Enterprise PeopleTools Vulnerabilities
July 21, 2022Rewterz Threat Advisory – CVE-2022-21532 – Oracle JD Edwards EnterpriseOne Orchestrator Vulnerability
July 21, 2022Rewterz Threat Advisory –Multiple Oracle PeopleSoft Enterprise PeopleTools Vulnerabilities
July 21, 2022Rewterz Threat Advisory – CVE-2022-21532 – Oracle JD Edwards EnterpriseOne Orchestrator Vulnerability
July 21, 2022
Severity
High
Analysis Summary
CVE-2022-21544 CVSS:7.1
An unspecified vulnerability in Oracle FLEXCUBE Universal Banking related to the Infrastructure component could allow an authenticated attacker to take control of the system.
CVE-2022-21428 CVSS:6.7
An unspecified vulnerability in Oracle FLEXCUBE Universal Banking related to the Infrastructure component could allow an authenticated attacker to cause high confidentiality impact, high integrity impact, and low availability impact.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-21544
- CVE-2022-21428
Affected Vendors
Oracle
Affected Products
- Oracle FLEXCUBE Universal Banking 12.1.0
- Oracle FLEXCUBE Universal Banking 12.2.0
- Oracle FLEXCUBE Universal Banking 12.3.0
- Oracle FLEXCUBE Universal Banking 12.4.0
- Oracle FLEXCUBE Universal Banking 14.0.0
- Oracle FLEXCUBE Universal Banking 14.1.0
- Oracle FLEXCUBE Universal Banking 14.3.0
- Oracle FLEXCUBE Universal Banking 14.5.0
Remediation
Refer to Oracle Security Advisory for patch, upgrade or suggested workaround information.
