Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Installed Base accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
References
Link | Resource |
---|---|
https://www.oracle.com/security-alerts/cpuoct2024.html | Vendor Advisory |
Configurations
History
06 Nov 2024, 22:56
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:oracle:installed_base:*:*:*:*:*:*:*:* | |
First Time |
Oracle installed Base
Oracle |
|
References | () https://www.oracle.com/security-alerts/cpuoct2024.html - Vendor Advisory |
16 Oct 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-922 |
15 Oct 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-15 20:15
Updated : 2024-11-06 22:56
NVD link : CVE-2024-21258
Mitre link : CVE-2024-21258
CVE.ORG link : CVE-2024-21258
JSON object : View
Products Affected
oracle
- installed_base
CWE