Oracle Process Manufacturing Financials Vulnerability

CVE-2024-21152

8.1HIGH

Key Information

Vendor: Oracle
Status: Process Manufacturing Financials
Vendor: CVE Published:; 16 July 2024

Summary

Vulnerability in the Oracle Process Manufacturing Financials product of Oracle E-Business Suite (component: Allocation Rules). Supported versions that are affected are 12.2.12-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Process Manufacturing Financials. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Process Manufacturing Financials accessible data as well as unauthorized access to critical data or complete access to all Oracle Process Manufacturing Financials accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

Affected Version(s)

Process Manufacturing Financials <= 12.2.13

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jul 16, 2024

Collectors

NVD DatabaseMitre Database