CVE-2024-21206

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Oct 15, 2024

Updated: Oct 31, 2024

CWE ID 203

Summary

CVE-2024-21206 is a new vulnerability affecting the Oracle Enterprise Command Center Framework component of Oracle E-Business Suite, specifically versions ECC:11-13. This issue is classified as easily exploitable and allows a low privileged attacker with network access via HTTP to gain unauthorized read access to a subset of Oracle Enterprise Command Center Framework data. The impact of this vulnerability is rated as Confidentiality impacts with a base score of 4.3 on the CVSS scale. The attacker can exploit this issue without user interaction and there is no known user interface involved. Successful exploitation could result in the attacker accessing sensitive data within the Oracle Enterprise Command Center Framework.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners