Denial-of-Service Vulnerability in Oracle Sales Offline by Oracle
CVE-2021-2190

7.5HIGH

Key Information:

Vendor: Oracle
Status: Sales Offline
Vendor: CVE Published:; 22 April 2021

What is CVE-2021-2190?

A vulnerability in the Oracle Sales Offline component of the Oracle E-Business Suite may allow an unauthenticated remote attacker to disrupt service through crafted HTTP requests. The affected versions, ranging from 12.1.1 to 12.2.10, can experience instability leading to frequent crashes or unresponsive states. This situation poses serious availability risks to organizations relying on this software, making it imperative to address this security issue promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Sales Offline 12.1.1-12.1.3

Sales Offline 12.2.3-12.2.10

References

https://www.oracle.com/security-alerts/cpuapr2021.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2021
Vulnerability Reserved
Dec 9, 2020

JSON

Oracle

What is CVE-2021-2190?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.