OSA-35872496

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Infrastructure (Jakarta Expression Language)). The supported version that is affected is 14.7.0.3.0. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Banking Liquidity Management executes to compromise Oracle Banking Liquidity Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Liquidity Management accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).