CVE-2024-20958

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 17, 2024

Updated: Feb 20, 2024

Summary

CVE-2024-20958 is a vulnerability affecting the Oracle Installed Base component of Oracle E-Business Suite, specifically versions 12.2.3 to 12.2.13. This issue allows a low-privileged attacker with network access to compromise Oracle Installed Base via HTTP. While exploitation requires human interaction, successful attacks could lead to unauthorized data access or manipulation, significantly impacting the confidentiality and integrity of affected data. The CVSS Base Score is 5.4. This vulnerability, though limited in attack vector, may have broader impacts, affecting additional Oracle products.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uKyX7U
https://www.cve.org/CVERecord?id=CVE-2024-20958
https://nvd.nist.gov/vuln/detail/CVE-2024-20958

Back to Vulnerability Database

CVE-2024-20958

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations