2024-11-27
:
This article describes a vulnerability (CVE-2024-20992) in Oracle WebCenter Portal, a component of Oracle Fusion Middleware. The vulnerability allows a low-privileged attacker with network access to potentially modify or view some of the portal’s data. While user interaction is required for a successful attack, it can potentially impact other products as well.
Vulnerability Details:
Platform: Oracle WebCenter Portal (Oracle Fusion Middleware)
Version: 12.2.1.4.0 (affected version)
Vulnerability: Unauthorized access (update, insert, delete, read) to some of Oracle WebCenter Portal data
Severity: Medium (CVSS v3 score: 4.4)
Date: April 16, 2024 (published), November 27, 2024 (last modified)
What Undercode Says:
This vulnerability requires specific circumstances for exploitation, but it’s crucial to stay updated on security patches from Oracle. If you are using Oracle WebCenter Portal 12.2.1.4.0, consult Oracle’s security advisories for mitigation strategies.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help