CVE-2021-35689
Last modified
CVE-2021-35689 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enterprise Edition system. EPSS estimates a 2.04% chance of exploitation in the next 30 days.
Description
A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enterprise Edition system. Successful attacks of this vulnerability can result in unauthorized remote code execution within Taleo Enterprise Edition and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. All affected customers were notified of CVE-2021-35689 by Oracle.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Talent Acquisition Cloud | All versions |
References
- https://www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-documents.htmlPermissions Required, Vendor Advisory
- https://www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-documents.htmlPermissions Required, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-35689?
How severe is CVE-2021-35689?
How do I fix CVE-2021-35689?
Are you affected by CVE-2021-35689?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST