← volver
CVE-2024-21258

CVE-2024-21258

CVSS 5.3 MEDIUMEPSS 0.5%CWE-922
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
15 oct 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Installed Base accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Oracle Corporation · Oracle Installed Base

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.oracle.com/security-alerts/cpuoct2024.html