The vulnerability of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite system, which allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

🗓️ 02 Feb 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

Remote vulnerability in Oracle CRM Technical Foundation enables unauthorized access or data changes via Hypertext Transfer Protocol due to insufficient input validation.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2021-2085	20 Jan 202118:43	–	circl
CNNVD	Oracle E-Business Suite 组件访问控制错误漏洞	19 Jan 202100:00	–	cnnvd
CNVD	Oracle E-Business Suite Access Control Error Vulnerability (CNVD-2021-08458)	20 Jan 202100:00	–	cnvd
CVE	CVE-2021-2085	20 Jan 202114:50	–	cve
Cvelist	CVE-2021-2085	20 Jan 202114:50	–	cvelist
EUVD	EUVD-2021-16544	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Oracle E-Business Suite	21 Jan 202100:00	–	ncsc
NVD	CVE-2021-2085	20 Jan 202115:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - January 2021	19 Jan 202100:00	–	oracle
Tenable Nessus	Oracle E-Business Suite Multiple Vulnerabilities (Jan 2021 CPU)	20 Jan 202100:00	–	nessus

Vulners

Node

oracle e-business_suiteMatch12.1.3

oracle e-business_suiteRange12.2.3–12.2.10

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2021.html
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2021012027
web	www.web.nvd.nist.gov/view/vuln/detail

02 Feb 2021 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 38.2

CVSS 28.5

EPSS0.01169