CVE-2021-2420

Name of the Vulnerable Software and Affected Versions Oracle Outside In Technology version 8.5.5

Description The issue is related to insufficient input validation in the Outside In Filters component of Oracle Outside In Technology, a suite of software development kits (SDKs). This allows an unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology, as well as potential unauthorized creation, deletion, or modification access to critical data.

Recommendations For Oracle Outside In Technology version 8.5.5, consider disabling the Outside In Filters component until a patch is available to prevent potential exploitation. Restrict access to the affected component to minimize the risk of unauthorized data access or system crashes. Avoid using the affected software to process data received over a network until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.