CVE-2026-21973
BaseFortify
Publication date: 2026-01-20
Last updated on: 2026-02-02
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | flexcube_investor_servicing | 14.5.0.15.0 |
| oracle | flexcube_investor_servicing | 14.7.0.8.0 |
| oracle | flexcube_investor_servicing | 14.8.0.1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle FLEXCUBE Investor Servicing product's Security Management System. It allows a low privileged attacker with network access via HTTP to exploit the system easily. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data or all data accessible by Oracle FLEXCUBE Investor Servicing.
How can this vulnerability impact me? :
The impact of this vulnerability includes unauthorized access to critical data or complete access to all data accessible by Oracle FLEXCUBE Investor Servicing. Attackers can create, delete, or modify critical data, potentially compromising the integrity and confidentiality of the system's data.