CVE-2024-21284

Summary

CVE-2024-21284 is a vulnerability affecting the Oracle Banking Liquidity Management product, specifically in version 14.5.0.12.0 of Oracle Financial Services Applications. This vulnerability is categorized as having high severity, with a CVSS score of 7.1, and allows low-privileged attackers with network access via HTTP to potentially take over the affected system, although successful exploitation requires human interaction from a third party. The impacts include high risks to confidentiality, integrity, and availability of the system due to its exploitability characteristics, including a high attack complexity level. To remediate this issue, organizations should apply security updates provided by Oracle as outlined in their security alerts. Failure to address this vulnerability could lead to significant operational disruptions and data breaches within an organization’s financial management systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.