CVE-2024-20931

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 17, 2024

Updated: Feb 20, 2024

Summary

CVE-2024-20931 is a vulnerability affecting Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, which is part of Oracle Fusion Middleware. This issue is classified as easily exploitable and allows unauthenticated attackers to compromise the server via T3 or IIOP protocols. Successful attacks can result in unauthorized access to critical data, posing a significant confidentiality risk. The Base Score of this vulnerability is 7.5, according to the Common Vulnerability Scoring System (CVSS) version 3.1. Attackers can exploit this vulnerability remotely without requiring authentication or user interaction.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uKyEda
https://www.cve.org/CVERecord?id=CVE-2024-20931
https://nvd.nist.gov/vuln/detail/CVE-2024-20931

Back to Vulnerability Database

CVE-2024-20931

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations