How severe is CVE-2024-21030?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2024-21030?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2024-21030

MEDIUM Year: 2024

CVSS v3 Score

6.1

Medium

Weakness Type

CWE-121

View all →

Vulnerability Description

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE-2021-39845

MEDIUM

CVSS:6.1(Medium)

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a craf...

CWE-1212021

CVE-2021-39846

MEDIUM

CVSS:6.1(Medium)

CWE-1212021

CVE-2022-1355

MEDIUM

CVSS:6.1(Medium)

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, ...

CWE-1212022

CVE-2024-41166

MEDIUM

CVSS:6.1(Medium)

Stack-based buffer overflow in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service...

CWE-1212024

CVE-2024-7784

MEDIUM

CVSS:6.1(Medium)

During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a so...

CWE-1212024

CVE-2023-0330

MEDIUM

CVSS:6.0(Medium)

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.

CWE-1212023

CVE-2024-21030

Vulnerability Description

Related Vulnerabilities

CVE-2021-39845

CVE-2021-39846

CVE-2022-1355

CVE-2024-41166

CVE-2024-7784

CVE-2023-0330