Vulnerability Details : CVE-2021-35689
A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enterprise Edition system. Successful attacks of this vulnerability can result in unauthorized remote code execution within Taleo Enterprise Edition and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. All affected customers were notified of CVE-2021-35689 by Oracle.
Vulnerability category: Execute codeDenial of service
Products affected by CVE-2021-35689
- cpe:2.3:a:oracle:talent_acquisition_cloud:-:*:*:*:taleo_enterprise:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-35689
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 20 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-35689
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
Oracle |
References for CVE-2021-35689
-
https://www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-documents.html
Oracle CVEs outside other Oracle public documentsPermissions Required;Vendor Advisory
Jump to