See Recorded Future’s Threat Intelligence Solutions in Action

See our Threat Intelligence Solutions in Action

Reduce risk and mitigate cyber attacks, no matter your IT & security stack, maturity journey, or industry

Book a free demo

View Solutions to Reduce Risk

See Recorded Future’s Intelligence in Action

Reduce operational risk through timely, precise, and actionable intelligence.

Book a free demo

Intelligence Cloud Overview

View Services & Support Overview

View Research Overview

CVE-2024-21133

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 16, 2024

Updated: Jul 17, 2024

Summary

CVE-2024-21133 is a vulnerability affecting Oracle Reports Developer in Oracle Fusion Middleware. Affected versions include 12.2.1.4.0 and 12.2.1.19.0. This issue is an easily exploitable network-accessible vulnerability that enables an unauthenticated attacker to compromise Oracle Reports Developer. Successful attacks necessitate human interaction, but if exploited, may lead to unauthorized access or modification of some data in Oracle Reports Developer. Moreover, additional products may be impacted. The vulnerability has a CVSS Base Score of 6.1 for both Confidentiality and Integrity impacts. Attacks may result in unauthorized read, insert, or delete access to data. (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Oracle Reports Developer

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

Back to Vulnerability Database