How severe is CVE-2024-20949?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2024-20949?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2024-20949

MEDIUM Year: 2024

CVSS v3 Score

6.1

Medium

Weakness Type

CWE-125

View all →

Vulnerability Description

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Customer Interaction History. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Customer Interaction History, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Customer Interaction History accessible data as well as unauthorized read access to a subset of Oracle Customer Interaction History accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE-2017-8182

MEDIUM

CVSS:6.1(Medium)

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. An attacker tricks a user int...

CWE-1252017

CVE-2020-36602

MEDIUM

CVSS:6.1(Medium)

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends t...

CWE-1252020

CVE-2020-3986

MEDIUM

CVSS:6.1(Medium)

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal acces...

CWE-1252020

CVE-2020-3987

MEDIUM

CVSS:6.1(Medium)

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor wit...

CWE-1252020

CVE-2020-3988

MEDIUM

CVSS:6.1(Medium)

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal ...

CWE-1252020

CVE-2020-9726

MEDIUM

CVSS:6.1(Medium)

Adobe FrameMaker version 2019.0.6 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or d...

CWE-1252020

CVE-2024-20949

Vulnerability Description

Related Vulnerabilities

CVE-2017-8182

CVE-2020-36602

CVE-2020-3986

CVE-2020-3987

CVE-2020-3988

CVE-2020-9726