Unauthenticated Access Vulnerability in Oracle E-Business Suite Scripting Product
CVE-2021-2091

8.2HIGH

Key Information:

Vendor: Oracle
Status: Scripting
Vendor: CVE Published:; 20 January 2021

What is CVE-2021-2091?

An unauthenticated access vulnerability exists in the Oracle Scripting component of the Oracle E-Business Suite. The flaw allows an attacker with network access via HTTP to exploit the Oracle Scripting functionality. Although the vulnerability is contained within Oracle Scripting, successful exploitation could allow unauthorized access to sensitive data, granting attackers the ability to read, modify, or delete information. The attacker's success hinges upon human interaction, which enhances the potential risk significantly as it can impact not only the Scripting component but other interconnected products.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Scripting 12.1.1-12.1.3

Scripting 12.2.3-12.2.10

References

https://www.oracle.com/security-alerts/cpujan2021.html

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 20, 2021
Vulnerability Reserved
Dec 9, 2020

JSON

Oracle