Application Express Customers Plugin Vulnerability in Oracle
CVE-2023-21975

9CRITICAL

Key Information:

Vendor: Oracle
Status: Application Express (apex)
Vendor: CVE Published:; 18 July 2023

What is CVE-2023-21975?

A vulnerability exists in the Oracle Application Express Customers Plugin that may allow a low-privileged attacker with network access to compromise user accounts. Exploitation requires interaction from a user other than the attacker, which could lead to unauthorized access and takeover of the Application Express Customers Plugin. This vulnerability impacts not only the plugin itself but might also affect additional products, indicating a significant security risk if exploited.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Application Express (APEX) Application Express Customers Plugin: 18.2 <= 22.2

References

https://www.oracle.com/security-alerts/cpujul2023.html

vendor-advisory

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 18, 2023
Vulnerability Reserved
Dec 17, 2022

JSON

Oracle

What is CVE-2023-21975?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.