CVE-2024-21271
CVSS 3.1 Score 8.1 of 10 (high)
Details
Summary
CVE-2024-21271 identifies a vulnerability in the Oracle Field Service component of Oracle E-Business Suite, specifically affecting versions 12.2.3 through 12.2.13. This vulnerability is characterized as easily exploitable, allowing low-privileged attackers with network access via HTTP to compromise the system, potentially leading to unauthorized creation, deletion, or modification of critical data. The CVSS 3.1 Base Score for this vulnerability is rated at 8.1, indicating high severity with significant impacts on confidentiality and integrity. To remediate this vulnerability, organizations should promptly apply the security updates provided by Oracle as detailed in their security alerts. Failure to address this issue may result in severe data breaches and loss of sensitive information within affected systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.