How severe is CVE-2024-21143?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-21143?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2024-21143 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iStore accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Related Vulnerabilities

CVE-2015-8629

MEDIUM

CVSS:5.3(Medium)

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which ...

CWE-1252015

CVE-2016-2375

MEDIUM

CVSS:5.3(Medium)

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.

CWE-1252016

CVE-2016-2518

MEDIUM

CVSS:5.3(Medium)

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

CWE-1252016

CVE-2016-5186

MEDIUM

CVSS:5.3(Medium)

Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled objects after a tab crash, which allowed a remote attacker to perform an out o...

CWE-1252016

CVE-2016-8875

MEDIUM

CVSS:5.3(Medium)

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application c...

CWE-1252016

CVE-2017-12722

MEDIUM

CVSS:5.3(Medium)

An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of boun...

CWE-1252017