cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21034,https://securityvulnerability.io/vulnerability/CVE-2024-21034,"Unauthenticated Input Vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul Product","The vulnerability in Oracle's Complex Maintenance, Repair, and Overhaul component of the E-Business Suite allows an unauthenticated attacker with network access via HTTP to exploit the system. Successful exploitation requires user interaction from a third party, which increases the risk of unauthorized data manipulation, including the ability to update, insert, and delete certain data. Additionally, an attacker can gain unauthorized read access to sensitive data. This vulnerability not only affects the Complex Maintenance, Repair, and Overhaul product but also poses potential risks to interconnected systems, highlighting the need for urgent patching and comprehensive security measures.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21035,https://securityvulnerability.io/vulnerability/CVE-2024-21035,"Unauthenticated Vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul","The vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul component allows unauthenticated attackers with network access to exploit easily. Although attacks require human interaction, successful exploitation can lead to unauthorized modification and retrieval of sensitive data. This flaw poses significant risks, potentially impacting other integrated products, and requires immediate attention to secure sensitive operations and maintain data integrity.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21032,https://securityvulnerability.io/vulnerability/CVE-2024-21032,"Vulnerability in Oracle E-Business Suite Affecting Complex Maintenance, Repair, and Overhaul Component","A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul component of the Oracle E-Business Suite. This flaw allows unauthenticated attackers with network access to leverage HTTP connections to compromise the system. Successful exploitation can lead to unauthorized actions such as updates, inserts, or deletions of accessible data. Furthermore, attackers can gain unauthorized read access to certain data sets within the application. Notably, the nature of the attack necessitates user interaction, though the attack vector could have wider implications across various products.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21026,https://securityvulnerability.io/vulnerability/CVE-2024-21026,Unauthenticated HTTP Vulnerability in Oracle E-Business Suite's Maintenance Product,"An unpatched vulnerability in Oracle's Complex Maintenance, Repair, and Overhaul component allows unauthenticated attackers to exploit the system through HTTP. Attackers can gain unauthorized access to data, permitting updates, inserts, or deletions without detection. Successful exploitation necessitates human interaction from a user, potentially leading to significant data breaches across other interconnected applications within the Oracle E-Business Suite.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21024,https://securityvulnerability.io/vulnerability/CVE-2024-21024,"Vulnerability in Oracle E-Business Suite: Complex Maintenance, Repair, and Overhaul Component","A vulnerability exists in the Oracle E-Business Suite, specifically within the Complex Maintenance, Repair, and Overhaul component, allowing unauthenticated attackers with network access to exploit the system. This vulnerability requires interaction from another user, which can lead to unauthorized updates, deletes, or reads of sensitive data within the system. While the primary impact is to the affected component, there are potential risks of broader impacts on associated products due to scope changes during an attack.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21022,https://securityvulnerability.io/vulnerability/CVE-2024-21022,Unauthenticated Network Vulnerability in Oracle E-Business Suite Complex Maintenance Product,"A vulnerability exists in the Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul product, specifically impacting versions 12.2.3 through 12.2.13. This vulnerability enables an unauthenticated attacker with network access via HTTP to exploit the system, requiring human interaction from a user to successfully execute attacks. Although primarily affecting the maintenance product, the consequences of an attack could extend to other components, leading to unauthorized access which allows attackers to update, insert, or delete sensitive data, as well as read restricted data subsets. Stakeholders are advised to take the necessary precautions to secure their systems in light of these risks.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21037,https://securityvulnerability.io/vulnerability/CVE-2024-21037,Unauthenticated Access Vulnerability in Oracle E-Business Suite Complex Maintenance Module,"A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul component of the Oracle E-Business Suite, which could allow unauthenticated attackers with network access via HTTP to exploit the system. Successful exploitation increases the risk of unauthorized modifications or deletions of data within the affected product, as well as unauthorized read access to some confidential data. Notably, while the flaw is localized to the Complex Maintenance, Repair, and Overhaul product, it has the potential to impact other integrated services, depending on the specific environment configurations. Users should be aware of the requirement for human interaction from someone other than the attacker to execute a successful attack.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21036,https://securityvulnerability.io/vulnerability/CVE-2024-21036,Unauthorized Access Vulnerability in Oracle E-Business Suite's Maintenance Product,"A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul component of the Oracle E-Business Suite, affecting versions 12.2.3 through 12.2.13. It allows unauthenticated remote attackers to exploit the system via HTTP, potentially leading to unauthorized updates, insertion, deletion of data, and unauthorized reading of sensitive information. Successful exploitation necessitates human interaction from a user other than the attacker, which heightens the risk of data compromise across associated products.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21046,https://securityvulnerability.io/vulnerability/CVE-2024-21046,"Unauthenticated Access Vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul","A vulnerability exists in the Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul component, allowing unauthenticated attackers with network access to exploit the system. Successful exploitation requires human interaction, creating a risk of unauthorized updates, inserts, or deletions of accessible data. Moreover, it can lead to unauthorized read access to sensitive data, potentially extending impacts to other components within Oracle E-Business Suite.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21018,https://securityvulnerability.io/vulnerability/CVE-2024-21018,"Vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul Product","A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite, affecting versions 12.2.3 to 12.2.13. This vulnerability enables an unauthenticated attacker with network access via HTTP to compromise the system, requiring human interaction from a user other than the attacker. While primarily located in the Oracle Complex Maintenance, Repair, and Overhaul product, successful exploitation can have a broader impact on related Oracle products. The vulnerability allows unauthorized updates, inserts, or deletions to accessible data, as well as unauthorized read access to certain data subsets, potentially leading to significant security implications.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21042,https://securityvulnerability.io/vulnerability/CVE-2024-21042,Unauthenticated Vulnerability in Oracle E-Business Suite's Maintenance Module,"An unauthenticated vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul module of the Oracle E-Business Suite. This flaw allows an attacker with network access via HTTP to exploit the application, requiring human interaction from a user other than the attacker. While primarily affecting the Complex Maintenance and Repair module, successful exploitation could lead to unauthorized updates, inserts, or deletions of accessible data. Additionally, attackers may gain unauthorized read access to certain data sets, potentially compromising data integrity and confidentiality. Administrators should be aware of the potential risks and take appropriate remediation actions.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21019,https://securityvulnerability.io/vulnerability/CVE-2024-21019,Unauthenticated Network Vulnerability in Oracle E-Business Suite's Complex Maintenance Component,"A vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul component of Oracle E-Business Suite enables an unauthenticated attacker with network access via HTTP to potentially compromise sensitive data. Exploitation of this vulnerability necessitates human interaction from a third party, while the root issue resides within Oracle's Complex Maintenance functionalities. The attack could lead to unauthorized data updates, insertions, deletions, and reading of certain data subsets, thereby impacting overall data confidentiality and integrity. Affected versions include 12.2.3 through 12.2.13 of the E-Business Suite, underscoring the importance of timely patching to secure essential business functions.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21017,https://securityvulnerability.io/vulnerability/CVE-2024-21017,"Vulnerability in Oracle E-Business Suite: Complex Maintenance, Repair, and Overhaul Component","This vulnerability in the Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite permits unauthenticated attackers to exploit the system via HTTP. It primarily affects versions 12.2.3 to 12.2.13. Successful exploitation requires human interaction, which can lead to unauthorized access that may allow attackers to update, insert, or delete data, compromising the confidentiality and integrity of sensitive information within the application. Additionally, the potential for broader impacts on connected systems underscores the serious implications of this vulnerability.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21023,https://securityvulnerability.io/vulnerability/CVE-2024-21023,"Exploitable Vulnerability in Oracle E-Business Suite's Maintenance, Repair, and Overhaul Component","A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul component of Oracle E-Business Suite, which can be exploited by an unauthenticated attacker with network access. This flaw allows unauthorized interactions that can lead to unauthorized changes or access to sensitive data. Exploitation requires human interaction from a victim, as the attack method involves tricking a user into unintentionally facilitating the breach. The implications of this vulnerability extend beyond the initially targeted component and can affect other associated products as well, risking data confidentiality and integrity.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21025,https://securityvulnerability.io/vulnerability/CVE-2024-21025,Unauthorized Data Access Vulnerability in Oracle E-Business Suite,"A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul component of the Oracle E-Business Suite. This flaw allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation requires human interaction from a user other than the attacker, presenting a significant risk as attacks can impact related products. The vulnerability enables unauthorized updates, inserts, or deletions of data and grants unauthorized read access to portions of the system's data. Organizations must take immediate action to mitigate the risks associated with this exposure.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21029,https://securityvulnerability.io/vulnerability/CVE-2024-21029,Unauthenticated Access Vulnerability in Oracle E-Business Suite Component,"This vulnerability in Oracle's Complex Maintenance, Repair, and Overhaul component of the E-Business Suite allows unauthenticated attackers with network access via HTTP to exploit the system. Successful exploitation hinges on the interaction of a third party, not the attacker. This could lead to unauthorized updates, insertions, or deletions of data, as well as unauthorized read access to certain data within Oracle Complex Maintenance, Repair, and Overhaul. Attackers could potentially affect other interconnected products, broadening the impact of the vulnerability beyond the initial target.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21031,https://securityvulnerability.io/vulnerability/CVE-2024-21031,Unauthorized Data Access in Oracle E-Business Suite Component,"A vulnerability in Oracle Complex Maintenance, Repair, and Overhaul within the Oracle E-Business Suite allows an unauthenticated attacker with network access to exploit the system. The attacker can compromise sensitive data without needing direct interaction, requiring only that a user is misled into interacting with a crafted request. Successful exploitation may lead to unauthorized update, insert, or delete access to key data, along with unauthorized read access to some data subsets, potentially impacting additional products due to the scope change. Users of the affected versions are strongly advised to apply the necessary updates to mitigate the associated risks.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21033,https://securityvulnerability.io/vulnerability/CVE-2024-21033,"Vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul Product","This vulnerability in Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul product allows an unauthenticated attacker to exploit the system via HTTP. Although successful exploitation requires human interaction from a third party, it poses a significant risk. The vulnerability could enable unauthorized updates, inserts, or deletions to the accessible data within the Oracle Complex Maintenance, Repair, and Overhaul. Moreover, there is the potential for unauthorized read access to a portion of accessible data, creating a broader impact on the security of the overall system.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21038,https://securityvulnerability.io/vulnerability/CVE-2024-21038,Unauthenticated Network Vulnerability in Oracle E-Business Suite Maintenance Product,"A vulnerability exists in the Oracle Complex Maintenance, Repair, and Overhaul component of Oracle E-Business Suite, affecting versions 12.2.3 to 12.2.13. An unauthenticated attacker with network access via HTTP can exploit this weakness, given that the attack requires interaction from an unsuspecting user. The potential impacts include unauthorized updates, inserts, or deletions of accessible data, in addition to unauthorized read access to specific data sets. This vulnerability not only compromises the integrity and confidentiality of the data within the maintenance product but may also affect other interconnected products within the Oracle ecosystem.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21041,https://securityvulnerability.io/vulnerability/CVE-2024-21041,Unauthenticated HTTP Vulnerability in Oracle E-Business Suite's Complex Maintenance,"The vulnerability in Oracle's Complex Maintenance, Repair, and Overhaul component of the E-Business Suite allows unauthenticated attackers with network access via HTTP to exploit the system. The exploit requires human interaction, yet it poses a significant risk due to the potential unauthorized updates, insertions, deletions, and read access to sensitive data. This vulnerability could affect the integrity and confidentiality of operational data, potentially impacting various other products connected to the Oracle environment.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21039,https://securityvulnerability.io/vulnerability/CVE-2024-21039,"Unauthenticated Vulnerability in Oracle E-Business Suite 'Complex Maintenance, Repair, and Overhaul' Product","An unauthenticated vulnerability exists in Oracle's Complex Maintenance, Repair, and Overhaul product within the E-Business Suite, affecting versions 12.2.3 through 12.2.13. This vulnerability allows an attacker with network access via HTTP to potentially compromise the system. Exploiting this issue requires interaction from a user not controlled by the attacker. While the primary focus is on the Complex Maintenance, Repair, and Overhaul component, the implications of a successful attack could extend to other products, facilitating unauthorized data updates, insertions or deletions, as well as unauthorized reading of sensitive information.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21044,https://securityvulnerability.io/vulnerability/CVE-2024-21044,"Unauthorized Access Vulnerability in Oracle Complex Maintenance, Repair, and Overhaul","A security vulnerability has been identified in the Oracle Complex Maintenance, Repair, and Overhaul component of the Oracle E-Business Suite. This issue allows an unauthenticated attacker with network access via HTTP to exploit the system, potentially leading to unauthorized updates, inserts, or deletions of data. While direct attacks are limited to the Complex Maintenance product, the impact may extend to other interconnected systems. Successful exploitation requires human interaction from a different user, which may complicate detection and mitigation efforts.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21043,https://securityvulnerability.io/vulnerability/CVE-2024-21043,"Vulnerability in Oracle E-Business Suite Complex Maintenance, Repair, and Overhaul","A vulnerability has been identified in the Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul component that allows an unauthenticated attacker with network access to potentially manipulate accessible data. Exploitation requires human interaction, making it particularly tricky as it can involve unintended user involvement. The vulnerability poses risks of unauthorized updates, deletions, and read access to certain data within the affected system. Although primarily located in the Complex Maintenance, Repair, and Overhaul module, the ramifications of an attack can extend to other interconnected products within the E-Business Suite. This raises concerns regarding data confidentiality and integrity, necessitating immediate attention from users and administrators.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21030,https://securityvulnerability.io/vulnerability/CVE-2024-21030,"Oracle E-Business Suite Vulnerability in Complex Maintenance, Repair and Overhaul Component","A security weakness exists in the Oracle E-Business Suite's Complex Maintenance, Repair, and Overhaul component, allowing an unauthenticated attacker to exploit this vulnerability via network access. While an attack requires interaction from a third-party user, the consequences can significantly impact not only the maintenance system but also extend to other interconnected systems. Attackers could potentially gain unauthorized access to sensitive data, with the ability to update, insert, or delete accessible information, thus compromising both confidentiality and integrity of the affected data.",Oracle,Complex Maintenance Repair And Overhaul,6.1,MEDIUM,0.0006200000061653554,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21045,https://securityvulnerability.io/vulnerability/CVE-2024-21045,Authentication Bypass Vulnerability in Oracle E-Business Suite,"A vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite enables unauthenticated attackers with network access to exploit the service through HTTP. This vulnerability could allow unauthorized updates, insertions, or deletions of accessible data, as well as unauthorized read access to a subset of that data. Successful exploitation of this issue requires interaction from a user other than the attacker. Notably, while primarily affecting the Complex Maintenance, Repair, and Overhaul component, the repercussions may extend to other integrated Oracle products, increasing the potential scope of impact.",Oracle,"Complex Maintenance, Repair, And Overhaul",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0