Unauthorized Access Vulnerability in Oracle WebCenter Content by Oracle
CVE-2024-20928
Summary
Oracle WebCenter Content, part of Oracle Fusion Middleware, is affected by an unauthorized access vulnerability that allows unauthenticated attackers with network access via HTTP to compromise the system. This vulnerability requires human interaction from a user other than the attacker, making exploitation more feasible under certain circumstances. While primarily affecting Oracle WebCenter Content, the potential for scope change means that successful exploitation could also impact other Oracle products. The vulnerability can lead to unauthorized read, update, insert, or delete access to sensitive data, which may significantly jeopardize the integrity and confidentiality of the system.
Affected Version(s)
WebCenter Content 12.2.1.4.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved