Denial of Service Vulnerability in Oracle Outside In Technology by Oracle
CVE-2021-35659

7.5HIGH

Key Information:

Vendor: Oracle
Status: Outside In Technology
Vendor: CVE Published:; 20 October 2021

What is CVE-2021-35659?

A vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware allows unauthenticated attackers with network access to exploit the system via HTTP. This flaw can lead to denial of service, causing the affected software to hang or crash repeatedly. Outside In Technology serves as a powerful suite of SDKs, and the severity of this issue can vary based on how data is processed by the software using it. The potential for a complete DOS attack poses a significant risk to organizations relying on this technology for their operations.

Affected Version(s)

Outside In Technology 8.5.5

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021