OSA-34462327

Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications (component: UI General (Moment.js)). Supported versions that are affected are 21.1.0.0.0, 22.1.0.0.0 and 22.2.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Digital Experience. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Digital Experience. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).