CVE-2024-21275

Summary

CVE-2024-21275 is a high-severity vulnerability affecting the Oracle Quoting product within the Oracle E-Business Suite, specifically for versions 12.2.7 to 12.2.13. This flaw allows a low-privileged attacker with network access via HTTP to manipulate critical data, potentially leading to unauthorized creation, deletion, or modification of sensitive information within Oracle Quoting. The vulnerability has a CVSS 3.1 Base Score of 8.1, indicating significant impacts on confidentiality and integrity without requiring user interaction. To mitigate this risk, organizations should apply the latest security updates provided by Oracle as outlined in their security alerts. Failure to address this vulnerability could expose an organization to severe data breaches and operational disruptions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.