MEDIUM🇬🇧 English

CVE-2024-21089

CVSS 6.5v3.1pub. 2024-04-16upd. 2024-12-06

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: Request Submission and Scheduling). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Concurrent Processing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Concurrent Processing accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Oracle Concurrent Processing

    APP
    Oracle
    12.2.3 – 12.2.13
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-61882CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Pominięcie uwierzytelnienia w Oracle Concurrent Processing (E-Business Suite)

CVE-2021-2295HIGH8.1ten sam produkt

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher ...

CVE-2026-35273CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Pominięcie uwierzytelnienia w Oracle PeopleSoft PeopleTools (RCE/Takeover)

CVE-2025-61757CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Pominięcie uwierzytelnienia w Oracle Identity Manager REST WebServices

CVE-2022-21587CRITICAL9.8⚠ KEVten sam vendor

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component:...