Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Web Applications Desktop Integrator accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.oracle.com/security-alerts/cpuapr2024.html |
History
Fri, 06 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:oracle:web_applications_desktop_integrator:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2024-04-16T21:26:14.451Z
Updated: 2024-11-06T18:53:24.237Z
Reserved: 2023-12-07T22:28:10.660Z
Link: CVE-2024-21048
Vulnrichment
Updated: 2024-08-01T22:13:42.293Z
NVD
Status : Analyzed
Published: 2024-04-16T22:15:21.810
Modified: 2024-12-06T19:46:40.837
Link: CVE-2024-21048
Redhat
No data.