How severe is CVE-2024-21039?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2024-21039?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2024-21039 - MEDIUM Severity | CVSS 6.1

Vulnerability Description

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

Related Vulnerabilities

CVE-2022-22268

MEDIUM

CVSS:6.1(Medium)

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.

CWE-2852022

CVE-2023-41819

MEDIUM

CVSS:6.1(Medium)

A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.

CWE-2852023

CVE-2024-21018

MEDIUM

CVSS:6.1(Medium)

CWE-2852024

CVE-2024-21026

MEDIUM

CVSS:6.1(Medium)

CWE-2852024

CVE-2024-21031

MEDIUM

CVSS:6.1(Medium)

CWE-2852024

CVE-2024-21035

MEDIUM

CVSS:6.1(Medium)

CWE-2852024