How severe is CVE-2017-10098?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2017-10098?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2017-10098 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).

Related Vulnerabilities

CVE-2017-10046

MEDIUM

CVSS:5.4(Medium)

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15...

CWE-2692017

CVE-2017-10094

MEDIUM

CVSS:5.4(Medium)

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerabili...

CWE-2692017

CVE-2017-10142

MEDIUM

CVSS:5.4(Medium)

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Mobile Apps). Supported versions that are affected are 8.5.1 and 9.0.0. Easi...

CWE-2692017

CVE-2017-1493

MEDIUM

CVSS:5.4(Medium)

IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. IBM X-Force ID: 128691.

CWE-2692017

CVE-2019-4546

MEDIUM

CVSS:5.4(Medium)

After installing the IBM Maximo Health- Safety and Environment Manager 7.6.1, a user is granted additional privileges that they are not normally allowed to access. IBM X-Force ID: 165948.

CWE-2692019

CVE-2020-14194

MEDIUM

CVSS:5.4(Medium)

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link.

CWE-2692020