← back
CVE-2021-35689

CVE-2021-35689

CVSS 9.8 CRITICALEPSS 2.0%
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 2.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Feb 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enterprise Edition system. Successful attacks of this vulnerability can result in unauthorized remote code execution within Taleo Enterprise Edition and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. All affected customers were notified of CVE-2021-35689 by Oracle.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Oracle Corporation · Oracle Talent Acquisition Cloud - Taleo Enterprise Edition

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-documents.html