CVE-2024-21048

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 16, 2024
Updated: Apr 17, 2024

Summary

CVE-2024-21048 is a newly disclosed vulnerability affecting the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite, versions 12.2.3 to 12.2.13. This issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle Web Applications Desktop Integrator. Exploitation of this vulnerability may result in unauthorized read access to a subset of the accessible data. The Base Score of CVSS 3.1 for this vulnerability is 4.3, with impacts focusing on confidentiality. Attackers can potentially gain unauthorized access to sensitive information through this easily exploitable network vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share