Oracle Financial Services Behavior Detection Platform Web UI Vulnerability Allowing Unauthorized Data Access and Modification

A vulnerability exists in the Oracle Financial Services Behavior Detection Platform, specifically in the Web UI component, affecting versions 8.0.8.1, 8.1.2.7, and 8.1.2.8. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Behavior Detection Platform. Exploitation of this vulnerability requires human interaction from a third party. While the vulnerability is contained within the Behavior Detection Platform, successful attacks could significantly impact other Oracle Financial Services applications. The vulnerability allows for unauthorized read access to certain accessible data, as well as unauthorized update, insert, or delete access to some data within the Behavior Detection Platform.

Impact

Exploitation of this vulnerability could lead to unauthorized access to read, modify, insert, or delete data within the Oracle Financial Services Behavior Detection Platform.