← Back to CVE List

CVE-2024-20991

Published: 2024-04-16T22:15Z
Last Modified: 2025-04-10T17:41Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt