Vulnerability in the Oracle Production Scheduling product of Oracle E-Business Suite (component: Import Utility). Supported versions that are affected are 12.2.4-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Production Scheduling. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Production Scheduling accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.oracle.com/security-alerts/cpuapr2024.html |
History
Fri, 15 Nov 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-444 | |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2024-04-16T21:26:28.130Z
Updated: 2024-11-15T21:15:15.563Z
Reserved: 2023-12-07T22:28:10.669Z
Link: CVE-2024-21088
Vulnrichment
Updated: 2024-08-01T22:13:42.639Z
NVD
Status : Awaiting Analysis
Published: 2024-04-16T22:15:28.810
Modified: 2024-11-21T08:53:45.673
Link: CVE-2024-21088
Redhat
No data.