Denial of Service Flaw in Oracle Outside In Technology - Oracle Fusion Middleware
CVE-2021-35573

7.5HIGH

Key Information:

Vendor: Oracle
Status: Outside In Technology
Vendor: CVE Published:; 20 October 2021

Summary

A vulnerability exists in Oracle Outside In Technology, which is part of Oracle Fusion Middleware's suite of software development kits. This issue allows an unauthenticated attacker with network access to initiate denial of service attacks, potentially leading to significant service interruptions. If successfully exploited, the vulnerability can cause the affected system to hang or crash repeatedly, severely affecting the availability of applications dependent on Outside In Technology. It's crucial for organizations using this software to ensure that data received over the network is properly validated to mitigate possible exploitation.

Affected Version(s)

Outside In Technology 8.5.5

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021