CVE-2024-21274

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 15, 2024

Summary

CVE-2024-21274 is a vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware, affecting versions 12.2.1.4.0 and 14.1.1.0.0. An unauthenticated attacker with network access via HTTP can exploit the flaw, potentially causing a denial-of-service (DoS) condition in which the server hangs or crashes. The vulnerability has a CVSS 3.1 Base Score of 7.5, reflecting a significant availability impact with no confidentiality or integrity impact. Organizations can mitigate the issue by applying the security patches recommended in Oracle's security alerts. Given its ease of exploitation and high severity rating, it poses a serious risk to operational continuity for affected entities.
