CVE-2024-21139

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Jul 17, 2024

Summary

CVE-2024-21139 is a vulnerability affecting Oracle Business Intelligence Enterprise Edition (OBIEE), specifically the Analytics Web Answers component. Versions 7.0.0.0.0, 7.6.0.0.0, and 12.2.1.4.0 are susceptible to this issue. A low-privileged attacker with network access can exploit this vulnerability via HTTP, leading to unauthorized data access or manipulation. Successful attacks require human interaction and may result in significant impact on additional products. The Base Score on the Common Vulnerability Scoring System (CVSS) is 5.4, with potential impacts on both confidentiality and integrity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Business Intelligence Enterprise Edition

Affected Vendors

  • Oracle Corp