CVE-2024-21205

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 15, 2024

Summary

CVE-2024-21205 is a vulnerability affecting the Oracle Service Bus component of Oracle Fusion Middleware, specifically version 12.2.1.4.0. This vulnerability allows a low-privileged attacker with network access via HTTP to potentially gain unauthorized access to critical data within the Oracle Service Bus. The CVSS 3.1 Base Score for this vulnerability is 6.5, indicating a medium severity with high confidentiality impact and low attack complexity. Organizations are advised to remediate this issue by applying relevant security patches provided by Oracle, as successful exploitation can lead to complete access to all data accessible through the affected service bus component. For further details and remediation guidance, users can refer to Oracle's security alerts at their official website.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share