Denial of Service Vulnerability in Oracle Outside In Technology by Oracle
CVE-2021-35660

7.5HIGH

Key Information:

Vendor: Oracle
Status: Outside In Technology
Vendor: CVE Published:; 20 October 2021

What is CVE-2021-35660?

A vulnerability in Oracle Outside In Technology, part of Oracle Fusion Middleware, allows unauthenticated attackers to exploit the service via HTTP. This weakness can lead to a denial of service, causing the technology to hang or crash repeatedly. The affected version is 8.5.5. The nature of this attack relies on direct network data transmission to Outside In Technology, emphasizing the need for stringent security measures in environments using this product.

Affected Version(s)

Outside In Technology 8.5.5

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021