CVE-2024-21081

Summary

CVE-2024-21081 is a vulnerability affecting the Oracle Partner Management component of Oracle E-Business Suite, specifically versions 12.2.3 to 12.2.13. This issue allows unauthenticated attackers, with network access via HTTP, to compromise Oracle Partner Management. The exploitation of this vulnerability necessitates human interaction and may lead to significant impacts beyond Oracle Partner Management, including unauthorized modification of data. The Base Score for this vulnerability, according to the Common Vulnerability Scoring System version 3.1, is 4.7 for integrity impacts, with an attack vector of network (N), a low attack complexity (L), a privilege requirement of none (N), a user interaction requirement of required (R), a scope change (S) potential, and no impact on availability (A), confidentiality (C), or integrity (I) beyond the primary component.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.