CVE-2024-21076

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 16, 2024

Updated: Jul 8, 2024

CWE ID 284

Summary

CVE-2024-21076 is a vulnerability affecting Oracle E-Business Suite's Oracle Trade Management component (Offer LOV) in versions 12.2.3 to 12.2.13. This issue is considered easily exploitable, allowing unauthenticated attackers to gain unauthorized access to critical data through HTTP network access. Successful attacks can lead to complete access to all Oracle Trade Management data, resulting in significant confidentiality impacts. The CVSS Base Score is 7.5. (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Oracle Trade Management

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vbkGBf
https://www.cve.org/CVERecord?id=CVE-2024-21076
https://nvd.nist.gov/vuln/detail/CVE-2024-21076

Back to Vulnerability Database