Description

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Web Applications Desktop Integrator accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

INFO

Published Date :

2024-04-16T21:26:14.451Z

Last Modified :

2025-03-19T18:02:15.507Z

Source :

oracle
AFFECTED PRODUCTS

The following products are affected by CVE-2024-21048 vulnerability.

Vendors Products
Oracle
  • Web Applications Desktop Integrator
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-21048.

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact