CVE-2024-21268

Summary

CVE-2024-21268 is a vulnerability in the Oracle Applications Manager component of the Oracle E-Business Suite, affecting versions 12.2.11 to 12.2.13. This vulnerability is easily exploitable by low-privileged attackers with network access via HTTP, allowing them to gain unauthorized creation, deletion, or modification access to critical data within Oracle Applications Manager. The CVSS 3.1 Base Score for this vulnerability is 8.1, indicating high severity with significant impacts on confidentiality and integrity. Organizations using affected versions are advised to apply security patches provided by Oracle to mitigate the risks associated with this vulnerability. Failure to remediate this issue could lead to substantial data breaches and unauthorized access to sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.