CVE-2021-2430

Name of the Vulnerable Software and Affected Versions Oracle Outside In Technology version 8.5.5

Description The issue is related to insufficient input validation in the Outside In Filters component of the Oracle Outside In Technology product, which is a suite of software development kits (SDKs). This allows an unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology, resulting in the ability to cause a hang or frequently repeatable crash (complete DOS) of the system. The protocol and impact depend on the software that uses Outside In Technology.

Recommendations For version 8.5.5, consider restricting network access to the Outside In Technology component until a patch is available. As a temporary workaround, disabling the Outside In Filters component may help minimize the risk of exploitation.