CVE-2024-20992

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Apr 16, 2024
Updated: Apr 17, 2024

Summary

CVE-2024-20992 is a vulnerability affecting Oracle WebCenter Portal, a component of Oracle Fusion Middleware (version 12.2.1.4.0). This issue allows low-privileged attackers with network access to potentially compromise the portal. Successful exploitation requires human interaction and may result in unauthorized data access, including the ability to update, insert, or delete some Oracle WebCenter Portal data, as well as unauthorized read access to a subset of the data. The scope of impact may extend to additional affected products. The CVSS Base Score is 4.4, indicating low to moderate severity for both confidentiality and integrity impacts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share