OSA-38189960

Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: Platform (Apache Commons FileUpload)). Supported versions that are affected are 14.5.0.0.0-14.8.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Virtual Account Management. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).