June 30, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
PatchWork APT Threat Actor Group – Active IOCs
July 19, 2024Multiple IBM Products Vulnerabilities
July 19, 2024PatchWork APT Threat Actor Group – Active IOCs
July 19, 2024Multiple IBM Products Vulnerabilities
July 19, 2024
Severity
High
Analysis Summary
CVE-2024-21183 CVSS:7.5
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact.
CVE-2024-21175 CVSS:7.5
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high integrity impact.
CVE-2024-21182 CVSS:7.5
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact.
CVE-2024-21181 CVSS:9.8
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality, integrity and availability impact.
CVE-2024-21152 CVSS:8.1
An unspecified vulnerability in Oracle Process Manufacturing Financials related to the Allocation Rules component could allow a remote authenticated attacker to cause high confidentiality and high integrity impacts.
CVE-2024-21149 CVSS:8.1
An unspecified vulnerability in Oracle Enterprise Asset Management related to the Work Definition Issues component could allow a remote authenticated attacker to cause high confidentiality and high integrity impacts.
CVE-2024-21146 CVSS:8.1
An unspecified vulnerability in Oracle Trade Management related to the GL Accounts component could allow a remote authenticated attacker to cause high confidentiality and high integrity impacts.
CVE-2024-21153 CVSS:8.1
An unspecified vulnerability in Oracle Process Manufacturing Product Development related to the Quality Management Specs component could allow a remote authenticated attacker to cause high confidentiality and high integrity impacts.
CVE-2024-21167 CVSS:8.1
An unspecified vulnerability in Oracle Trading Community related to the Party Search UI component could allow a remote authenticated attacker to cause high confidentiality and high integrity impacts.
CVE-2024-21184 CVSS:7.2
An unspecified vulnerability in Oracle Database Server related to the Oracle Database RDBMS Security component could allow a remote authenticated attacker to cause high confidentiality, high integrity and high availability impacts.
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-21183
- CVE-2024-21175
- CVE-2024-21182
- CVE-2024-21181
- CVE-2024-21152
- CVE-2024-21149
- CVE-2024-21146
- CVE-2024-21153
- CVE-2024-21167
- CVE-2024-21184
Affected Vendors
Oracle
Affected Products
- Oracle WebLogic Server 14.1.1.0.0
- Oracle Trade Management 12.2.3
- Oracle Trade Management 12.2.13
- Oracle Database 19.3
- Oracle Database 19.23
- Oracle Trading Community 12.2.13
- Oracle Trading Community 12.2.3
- Oracle Process Manufacturing Financials 12.2.13
- Oracle Process Manufacturing Financials 12.2.12
- Oracle Enterprise Asset Management 12.2.13
- Oracle Enterprise Asset Management 12.2.11
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.