Improper input validation in Oracle Outside In Technology - CVE-2024-20930
Published: January 16, 2024 / Updated: April 5, 2024
Vulnerability identifier: #VU85462
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-20930
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Oracle
Affected software:
Oracle Outside In Technology
Oracle Outside In Technology
Detailed vulnerability description
The vulnerability allows a remote authenticated user to read and manipulate data.
The vulnerability exists due to improper input validation within the Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK component in Oracle Outside In Technology. A remote authenticated user can exploit this vulnerability to read and manipulate data.
How to mitigate CVE-2024-20930
Install updates from vendor's website.