CVE-2024-20909

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 17, 2024

Updated: Feb 20, 2024

Summary

CVE-2024-20909 is a vulnerability affecting Oracle Audit Vault and Database Firewall's Firewall component, with versions 20.1-20.9 being vulnerable. This issue is easily exploitable by unauthenticated attackers with network access via Oracle Net. Successful exploitation may grant an attacker unauthorized access to critical data or all data managed by Oracle Audit Vault and Database Firewall, resulting in integrity impacts with a CVSS Base Score of 7.5. This vulnerability allows for the creation, deletion, or modification of data, posing a significant risk to organizations using the affected versions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uKzCV4
https://www.cve.org/CVERecord?id=CVE-2024-20909
https://nvd.nist.gov/vuln/detail/CVE-2024-20909

Back to Vulnerability Database

CVE-2024-20909

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations