CVE-2021-2449

Name of the Vulnerable Software and Affected Versions Oracle Outside In Technology version 8.5.5

Description The issue is related to insufficient input validation in the Outside In Filters component of Oracle Outside In Technology, allowing an unauthenticated attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of Oracle Outside In Technology, potentially leading to a denial of service. The protocol and impact depend on the software that uses Outside In Technology.

Recommendations For version 8.5.5, consider disabling the Outside In Filters component until a patch is available to prevent potential exploitation. As a temporary workaround, restrict access to the Oracle Outside In Technology component to minimize the risk of exploitation. Avoid using the Oracle Outside In Technology component with network-received data until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.