CVE-2021-35689 — CRITICAL (9.8)

Vulnerability Description

A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enterprise Edition system. Successful attacks of this vulnerability can result in unauthorized remote code execution within Taleo Enterprise Edition and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. All affected customers were notified of CVE-2021-35689 by Oracle.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Oracle	Talent Acquisition Cloud	-

References

https://www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-dPermissions RequiredVendor Advisory
https://www.oracle.com/security-alerts/oracle-cves-outside-other-oracle-public-dPermissions RequiredVendor Advisory

FAQ

What is CVE-2021-35689?

CVE-2021-35689 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. This high severity potential vulnerability allows attackers to perform remote code execution on Taleo Enter...

How severe is CVE-2021-35689?

CVE-2021-35689 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-35689?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Talent Acquisition Cloud.