CVE-2024-21149

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jul 16, 2024

Updated: Jul 17, 2024

Summary

CVE-2024-21149 is a newly disclosed vulnerability affecting the Oracle Enterprise Asset Management component of Oracle E-Business Suite, specifically versions 12.2.11 to 12.2.13. This issue is easily exploitable, allowing a low-privileged attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized access to or modification of critical data in Oracle Enterprise Asset Management, posing a high risk to both confidentiality and integrity. The CVSS Base Score is 8.1. Attackers can potentially gain unauthorized access to all Oracle Enterprise Asset Management data or even complete control over the system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Oracle Enterprise Asset Management

Affected Vendors

Oracle Corp

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners