CVE-2024-21167

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jul 16, 2024

Updated: Jul 17, 2024

Summary

CVE-2024-21167 is a vulnerability affecting the Oracle Trading Community product of Oracle E-Business Suite, specifically versions 12.2.3 to 12.2.13. This issue grants a low-privileged attacker with network access via HTTP the ability to exploit and compromise the Oracle Trading Community. Successful attacks could result in unauthorized access to critical data or complete access to all Oracle Trading Community data, leading to potential data manipulation and unauthorized modifications. The vulnerability holds a CVSS 3.1 Base Score of 8.1 for both Confidentiality and Integrity impacts. Attack vectors include network access, making it easily exploitable.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database