Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
History

Wed, 21 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2024-04-16T21:25:55.089Z

Updated: 2024-08-21T14:52:19.655Z

Reserved: 2023-12-07T22:28:10.642Z

Link: CVE-2024-20991

cve-icon Vulnrichment

Updated: 2024-08-01T22:13:41.420Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-16T22:15:12.110

Modified: 2024-11-21T08:53:34.590

Link: CVE-2024-20991

cve-icon Redhat

No data.