CVE-2024-21258

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Installed Base accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:installed_base:*:*:*:*:*:*:*:*

History

06 Nov 2024, 22:56

Type Values Removed Values Added
References () https://www.oracle.com/security-alerts/cpuoct2024.html - () https://www.oracle.com/security-alerts/cpuoct2024.html - Vendor Advisory
First Time Oracle installed Base
Oracle
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:oracle:installed_base:*:*:*:*:*:*:*:*

16 Oct 2024, 15:35

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad en el producto Oracle Installed Base de Oracle E-Business Suite (componente: Interfaz de usuario). Las versiones compatibles afectadas son 12.2.3-12.2.14. Esta vulnerabilidad, que se puede explotar fácilmente, permite que un atacante no autenticado con acceso a la red a través de HTTP ponga en peligro Oracle Installed Base. Los ataques exitosos de esta vulnerabilidad pueden dar como resultado un acceso de lectura no autorizado a un subconjunto de datos accesibles de Oracle Installed Base. Puntuación base de CVSS 3.1: 5,3 (impactos de confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
CWE CWE-922

15 Oct 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-15 20:15

Updated : 2024-11-06 22:56


NVD link : CVE-2024-21258

Mitre link : CVE-2024-21258

CVE.ORG link : CVE-2024-21258


JSON object : View

Products Affected

oracle

  • installed_base
CWE
NVD-CWE-noinfo CWE-922

Insecure Storage of Sensitive Information