Oracle E-Business Suite Vulnerability in Complex Maintenance, Repair and Overhaul Component
CVE-2024-21030
6.1MEDIUM
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 16 April 2024
Summary
A security weakness exists in the Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul component, allowing an unauthenticated attacker to exploit this vulnerability via network access. While an attack requires interaction from a third-party user, the consequences can significantly impact not only the maintenance system but also extend to other interconnected systems. Attackers could potentially gain unauthorized access to sensitive data, with the ability to update, insert, or delete accessible information, thus compromising both confidentiality and integrity of the affected data.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published