CVE-2024-21067

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Apr 16, 2024

Updated: Aug 15, 2024

CWE ID 284

Summary

CVE-2024-21067 is a vulnerability affecting the Oracle Enterprise Manager Base Platform component of Oracle Enterprise Manager, specifically version 13.5.0.0. This issue allows a low-privileged attacker with logon access to the affected infrastructure to compromise the Oracle Enterprise Manager Base Platform. The impact of this vulnerability goes beyond the affected product, as it may lead to significant damage to additional products as well. Successfully exploiting this vulnerability can result in a complete takeover of the Oracle Enterprise Manager Base Platform, making it a severe threat with a CVSS 3.1 Base Score of 8.8 for Confidentiality, Integrity, and Availability impacts. Attackers can leverage this vulnerability to gain unauthorized access and potentially cause damage to the system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database