CVE-2024-21128
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2024-21128 is a vulnerability affecting Oracle E-Business Suite's Oracle Application Object Library (AOL). Affected versions include 12.2.6 to 12.2.13. This issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle Application Object Library. Successful exploitation requires human interaction, and the impact may extend to additional affected products. The vulnerability can result in unauthorized update, insert, or delete access to some data, as well as unauthorized read access to a subset of data in Oracle Application Object Library. The CVSS Base Score is 5.4, with impacts on both confidentiality and integrity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- BonqDAO