CVE-2024-21285

Summary

CVE-2024-21285 is a vulnerability affecting Oracle Banking Liquidity Management, specifically in version 14.5.0.12.0 of Oracle Financial Services Applications. This vulnerability is difficult to exploit, requiring low privileges and human interaction from a user other than the attacker, and can lead to a complete takeover of the affected system. The risk assessment indicates a CVSS base score of 7.1, highlighting significant potential impacts on confidentiality, integrity, and availability. To remediate this vulnerability, organizations should apply the latest security updates provided by Oracle as detailed in their security alert documentation. Failure to address this issue could expose organizations to severe operational disruptions and data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.