CVSS 3.1 Score 6.1 of 10 (medium)


Published Apr 16, 2024
Updated: Apr 17, 2024


CVE-2024-21042 is a vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul (CMRO) product of Oracle E-Business Suite. This vulnerability affects supported versions 12.2.3-12.2.13. An unauthenticated attacker with network access via HTTP can exploit this vulnerability, which requires human interaction from a person other than the attacker. While the vulnerability is in Oracle CMRO, it may impact other products as well. Successful attacks can result in unauthorized update, insert or delete access to CMRO data, as well as unauthorized read access to a subset of the data. The CVSS 3.1 Base Score for this vulnerability is 6.1, indicating moderate impacts on confidentiality and integrity of the affected system and data.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21042 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options