CVE-2024-21128

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Jul 17, 2024

Summary

CVE-2024-21128 is a vulnerability affecting Oracle E-Business Suite's Oracle Application Object Library (AOL). Affected versions include 12.2.6 to 12.2.13. This issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle Application Object Library. Successful exploitation requires human interaction, and the impact may extend to additional affected products. The vulnerability can result in unauthorized update, insert, or delete access to some data, as well as unauthorized read access to a subset of data in Oracle Application Object Library. The CVSS Base Score is 5.4, with impacts on both confidentiality and integrity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share