CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20951
https://notcve.org/view.php?id=CVE-2024-20951
17 Feb 2024 — Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Customer Interaction History. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Customer Interaction History, attacks may significantly impact ad... • https://www.oracle.com/security-alerts/cpujan2024.html • CWE-284: Improper Access Control •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20949
https://notcve.org/view.php?id=CVE-2024-20949
17 Feb 2024 — Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Customer Interaction History. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Customer Interaction History, attacks may significantly impact ad... • https://www.oracle.com/security-alerts/cpujan2024.html • CWE-125: Out-of-bounds Read •