Unauthenticated Remote DoS Vulnerability in Oracle Outside In Technology
CVE-2021-2450

7.5HIGH

Key Information:

Vendor: Oracle
Status: Outside In Technology
Vendor: CVE Published:; 21 July 2021

Summary

A vulnerability exists in Oracle Outside In Technology that enables an unauthenticated attacker to conduct remote denial-of-service attacks. This flaw permits an attacker with network access via HTTP to exploit the system, leading to frequent crashes or a complete hang of the service. This vulnerability particularly affects version 8.5.5 of Oracle's Outside In Filters, which serve as pivotal components within the Oracle Fusion Middleware suite. Attackers who exploit this vulnerability can severely disrupt the availability of the affected systems, raising concerns for organizations relying on this technology for critical operations.

Affected Version(s)

Outside In Technology 8.5.5

References

https://www.oracle.com/security-alerts/cpujul2021.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 21, 2021
Vulnerability Reserved
Dec 9, 2020