CVE-2024-20930

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Jan 16, 2024
Updated: Jan 20, 2024

Summary

CVE-2024-20930 is a vulnerability affecting Oracle Outside In Technology in Oracle Fusion Middleware's Content Access SDK, Image Export SDK, PDF Export SDK, and HTML Export SDK. The affected version is 8.5.6. This easily exploitable issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle Outside In Technology product. Successful attacks can result in unauthorized updates, inserts, or deletes to some data, unauthorized read access to a subset of data, and a partial denial of service. The CVSS Base Score is 6.3, with impacts on confidentiality, integrity, and availability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Oracle Outside In Technology

Affected Vendors

  • BonqDAO