Main Vulnerability Database Vulnerabilities #VU85462

Improper input validation in Oracle Outside In Technology - CVE-2024-20930

Published: January 16, 2024 / Updated: April 5, 2024

Vulnerability identifier: #VU85462

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2024-20930

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Oracle Outside In Technology

Software vendor:
Oracle

Description

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK component in Oracle Outside In Technology. A remote authenticated user can exploit this vulnerability to read and manipulate data.

Remediation

Install updates from vendor's website.

External links

https://www.oracle.com/security-alerts/cpujan2024.html

Improper input validation in Oracle Outside In Technology - CVE-2024-20930

Description

Remediation

External links

Please verify you're human