2024-11-27
:
This article describes a vulnerability (CVE-2024-20958) in the Oracle Installed Base component of Oracle E-Business Suite versions 12.2.3 to 12.2.13. A low privileged attacker with network access can exploit this vulnerability to gain unauthorized access to some Oracle Installed Base data.
Vulnerability Details:
Platform: Oracle E-Business Suite
Version: 12.2.3 – 12.2.13
Vulnerability: CVE-2024-20958
Severity: Medium (CVSS 3.1 Base Score: 5.4)
Date: February 16, 2024 (Published by NIST)
What Undercode Says:
This vulnerability allows an attacker with some access to potentially modify or view sensitive data within Oracle Installed Base. While user interaction is required, it’s important to patch this vulnerability as soon as possible to prevent unauthorized access. Organizations using Oracle E-Business Suite should consult with Oracle for update information.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help