CNNVD-202510-2697 Information
CNNVD ID
CNNVD-202510-2697
Related CVE
- CNNVD Published: 2025-10-21
Description (Chinese)
Oracle Financial Services Applications是美国甲骨文(Oracle)公司的一套金融服务软件。该产品包括核心银行、网上银行和财产管理等。Financial Services Analytical Applications Infrastructure是其中的一个金融服务分析应用基础设施组件。 Oracle Financial Services Applications的Oracle Financial Services Analytical Applications Infrastructure 8.0.7.9版本、8.0.8.7版本和8.1.2.5版本存在安全漏洞,该漏洞源于低权限攻击者可通过HTTP网络访问进行攻击,可能导致关键数据被未经授权创建、删除或修改。
Description (English)
Oracle Financial Services Applications is a financial services software package for Oracle. The product includes core banking, online banking and property management. One of the financial services analytical application infrastructure components is the Financial Services Analysis Infrastructure. There is a security gap in Oracle Financial Services Applications Version 8.0.7.9, 8.0.8.7 and 8.1.2.5 of Oracle Financial Services Applications, which stems from the fact that low-authority attackers can attack through the HTTP network, which may lead to the unauthorized creation, deletion or modification of key data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
甲骨文
Published
2025-10-21
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpuoct2025.html https://access.redhat.com/security/cve/cve-2025-61751
Patch
https://www.oracle.com/security-alerts/cpuoct2025.html
Share on: