CVE-2024-21216

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 15, 2024

Summary

CVE-2024-21216 is a critical vulnerability affecting the Oracle WebLogic Server component of Oracle Fusion Middleware, specifically versions 12.2.1.4.0 and 14.1.1.0.0. The flaw allows an unauthenticated attacker with network access via the T3 and IIOP protocols to compromise the server, potentially leading to complete server takeover. The CVSS 3.1 Base Score for this vulnerability is 9.8, reflecting significant impacts on confidentiality, integrity, and availability. Organizations should remediate this issue by applying the latest security patches provided by Oracle, as detailed in Oracle's security alert. Failure to address this vulnerability could expose organizations to severe security breaches and operational disruptions, given its high exploitability and impact.
