CVE-2021-2423

Name of the Vulnerable Software and Affected Versions Oracle Outside In Technology version 8.5.5

Description The issue exists due to insufficient input validation in the Outside In Filters component of Oracle Outside In Technology. This allows a remote attacker to cause a denial of service via the HTTP protocol. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of Oracle Outside In Technology, potentially leading to unauthorized creation, deletion, or modification access to critical data.

Recommendations For version 8.5.5, consider restricting access to the Outside In Filters component until a patch is available. As a temporary workaround, avoid using the HTTP protocol to pass data directly to Outside In Technology. Restrict network access to the component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.