How severe is CVE-2023-21905?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2023-21905?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2023-21905 - MEDIUM Severity | CVSS 6.1

Vulnerability Description

Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: Routing Hub). Supported versions that are affected are 14.5, 14.6 and 14.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Virtual Account Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N).

Related Vulnerabilities

CVE-2014-8168

MEDIUM

CVSS:6.1(Medium)

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.

CWE-2842014

CVE-2014-9717

MEDIUM

CVSS:6.1(Medium)

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restri...

CWE-2842014

CVE-2016-1492

MEDIUM

CVSS:6.1(Medium)

The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveragin...

CWE-2842016

CVE-2016-5606

MEDIUM

CVSS:6.1(Medium)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones.

CWE-2842016

CVE-2016-5622

MEDIUM

CVSS:6.1(Medium)

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers...

CWE-2842016

CVE-2016-7223

MEDIUM

CVSS:6.1(Medium)

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files,...

CWE-2842016