CVE-2024-21152

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jul 16, 2024
Updated: Aug 1, 2024
CWE ID 200

Summary

CVE-2024-21152 is a newly identified vulnerability affecting the Oracle Process Manufacturing Financials component of Oracle E-Business Suite (versions 12.2.12-12.2.13). This issue allows a low-privileged, network-accessible attacker to compromise the system via HTTP. Successful exploitation can lead to unauthorized modification or deletion of critical data in Oracle Process Manufacturing Financials, as well as potential complete access to all accessible data. The vulnerability has a CVSS 3.1 Base Score of 8.1 for both Confidentiality and Integrity impacts. Attackers can exploit this vulnerability to gain significant control over affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share