CVE-2024-20992

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Portal version 12.2.1.4.0

Description The vulnerability in the Oracle WebCenter Portal product is related to insufficient protection of internal data. It allows a remote attacker to gain unauthorized access to read, add, modify, or delete protected information via the HTTP protocol. Successful attacks require human interaction and may significantly impact additional products. The vulnerability can result in unauthorized update, insert, or delete access to some Oracle WebCenter Portal accessible data, as well as unauthorized read access to a subset of Oracle WebCenter Portal accessible data.

Recommendations For version 12.2.1.4.0, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.