CVE-2024-21045

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Apr 16, 2024

Updated: Apr 17, 2024

Summary

CVE-2024-21045 is a vulnerability affecting the Oracle Complex Maintenance, Repair, and Overhaul component of Oracle E-Business Suite, specifically versions 12.2.3 to 12.2.13. This easily exploitable issue allows unauthenticated attackers with network access to compromise the product via HTTP. Successful attacks necessitate human interaction, and may result in unauthorized data updates, inserts, deletes, or reads in Oracle Complex Maintenance, Repair, and Overhaul, with potential scope change impacting additional products. The CVSS Base Score is 6.1, indicating low to moderate risk for Confidentiality and Integrity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vblQFq
https://www.cve.org/CVERecord?id=CVE-2024-21045
https://nvd.nist.gov/vuln/detail/CVE-2024-21045

Back to Vulnerability Database

CVE-2024-21045

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations