CVE-2024-21215

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 15, 2024

Summary

CVE-2024-21215 is a high-severity vulnerability affecting Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, part of Oracle Fusion Middleware's Core component. The vulnerability allows unauthenticated attackers with network access via HTTP to exploit the system, potentially leading to denial-of-service (DoS) conditions through server hangs or crashes. The CVSS 3.1 Base Score for this vulnerability is 7.5, indicating significant availability impacts with low attack complexity and no privileges or user interaction required for exploitation. To remediate this vulnerability, it is advised that organizations apply the latest security patches provided by Oracle as detailed in their security alerts. Failure to address this issue could result in substantial downtime and operational disruption for affected organizations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share