{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T00:22:08.478","vulnerabilities":[{"cve":{"id":"CVE-2021-2448","sourceIdentifier":"secalert_us@oracle.com","published":"2021-07-21T00:15:11.987","lastModified":"2024-11-21T06:03:08.933","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Financial Services Crime and Compliance Investigation Hub product of Oracle Financial Services Applications (component: Reports). The supported version that is affected is 20.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Financial Services Crime and Compliance Investigation Hub executes to compromise Oracle Financial Services Crime and Compliance Investigation Hub. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Crime and Compliance Investigation Hub, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Crime and Compliance Investigation Hub accessible data as well as unauthorized read access to a subset of Oracle Financial Services Crime and Compliance Investigation Hub accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N)."},{"lang":"es","value":"Una vulnerabilidad en el producto Oracle Financial Services Crime and Compliance Investigation Hub de Oracle Financial Services Applications (componente: Reports). La versión compatible que está afectada es 20.1.2. Una vulnerabilidad difícil de explotar, permite a un atacante con altos privilegios con acceso a la infraestructura donde se ejecuta el Oracle Financial Services Crime and Compliance Investigation Hub comprometer el Oracle Financial Services Crime and Compliance Investigation Hub. Los ataques con éxito requieren una interacción humana de una persona diferente del atacante y mientras la vulnerabilidad se encuentra en Oracle Financial Services Crime and Compliance Investigation Hub, unos ataques pueden afectar significativamente a otros productos. Los ataques con éxito de esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualización, inserción o eliminación de algunos de los datos accesibles de Oracle Financial Services Crime and Compliance Investigation Hub, así como el acceso no autorizado a la lectura de un subconjunto de datos accesibles de Oracle Financial Services Crime and Compliance Investigation Hub. CVSS 3.1 Puntuación Base 3.7 (Impactos en la Confidencialidad y la Integridad). Vector CVSS: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N)"}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:H/Au:N/C:P/I:P/A:N","baseScore":2.6,"accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":1.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_crime_and_compliance_investigation_hub:20.1.2:*:*:*:*:*:*:*","matchCriteriaId":"22005DDA-C5DB-4F9C-A92F-205A88B91750"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujul2021.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}