Lucene search

OracleCVELIST:CVE-2021-35689

HistoryFeb 24, 2022 - 12:25 a.m.

CVE-2021-35689

2022-02-2400:25:09

oracle

www.cve.org

oracle

taleo enterprise edition

high severity

remote code execution

unauthorized access

denial of service

cve-2021-35689

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enterprise Edition system. Successful attacks of this vulnerability can result in unauthorized remote code execution within Taleo Enterprise Edition and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. All affected customers were notified of CVE-2021-35689 by Oracle.

CNA Affected

[
  {
    "product": "Oracle Talent Acquisition Cloud - Taleo Enterprise Edition",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ]
  }
]

References

www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-documents.html

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Related for CVELIST:CVE-2021-35689