Denial of Service Vulnerability in Oracle Outside In Technology of Oracle Fusion Middleware
CVE-2021-2452

7.5HIGH

Key Information:

Vendor
Oracle
Status
Outside In Technology
Vendor
CVE Published:
21 July 2021

Summary

This vulnerability exists in Oracle Outside In Technology, part of Oracle Fusion Middleware, specifically in the Outside In Filters component. It allows unauthenticated attackers with network access via HTTP to exploit the system, potentially causing the software to hang or crash repeatedly. The vulnerability is particularly concerning for applications directly interfacing with the Outside In Technology, as successful exploitation could severely impact service availability. Developers using this suite of SDKs should assess their exposure and apply necessary mitigations.

Affected Version(s)

Outside In Technology 8.5.5

References

https://www.oracle.com/security-alerts/cpujul2021.html
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.