CVE-2024-21214

Summary

CVE-2024-21214 is a vulnerability affecting Oracle PeopleSoft Enterprise PeopleTools, specifically within the Query component, impacting versions 8.59, 8.60, and 8.61. The vulnerability is characterized as easily exploitable by low-privileged attackers with network access via HTTP, which could lead to unauthorized creation, deletion, or modification of critical data. Successful exploitation poses a significant risk to confidentiality and integrity, with a CVSS score of 8.1 indicating high severity. To remediate this vulnerability, organizations should apply the patches provided in Oracle's security alerts as outlined in their October 2024 CPU update. Without proper remediation, organizations may face severe data breaches and loss of critical information associated with their PeopleSoft systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.