Oracle Complex Maintenance Repair Overhaul

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Oracle Complex Maintenance Repair Overhaul.

By the Year

In 2025 there have been 0 vulnerabilities in Oracle Complex Maintenance Repair Overhaul. Last year, in 2024 Complex Maintenance Repair Overhaul had 32 security vulnerabilities published. Right now, Complex Maintenance Repair Overhaul is on track to have less security vulnerabilities in 2025 than it did last year.

Year	Vulnerabilities	Average Score
2025	0	0.00
2024	32	6.13
2023	0	0.00
2022	0	0.00
2021	3	8.20

It may take a day or so for new Complex Maintenance Repair Overhaul vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Oracle Complex Maintenance Repair Overhaul Security Vulnerabilities

Unauth Network HTTP CVE-2024-21017: Oracle EBS LOV 12.2.312.2.13
CVE-2024-21017 6.1 - Medium - April 16, 2024

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

Oracle EBS CMRO 12.2.3-12.2.13 unauth HTTP flaw yields unauthorized data access
CVE-2024-21033 6.1 - Medium - April 16, 2024

Oracle EBS CMRO LOV PrivEsc v12.2.3-12.2.13
CVE-2024-21032 6.1 - Medium - April 16, 2024

Oracle CMRO 12.2.3-12.2.13 LOV Unauth HTTP RCE
CVE-2024-21025 6.1 - Medium - April 16, 2024

Oracle EBS CMO (LOV) CVE-2024-21024: Uauth HTTP Read/Write (12.2.3-12.2.13)
CVE-2024-21024 6.1 - Medium - April 16, 2024

Oracle EBS LOV 12.2.3-12.2.13 CVE-2024-21022: UI RCE
CVE-2024-21022 6.1 - Medium - April 16, 2024

Oracle CMRRO LOV Unauth HTTP Data Breach CVE-2024-21020
CVE-2024-21020 6.1 - Medium - April 16, 2024

Oracle EBS: Unauth HTTP RCE in LOV (12.2.3-12.2.13) Data Compromise
CVE-2024-21019 6.1 - Medium - April 16, 2024

Oracle CMO 12.2.3-13 LOV RCE Vulnerability
CVE-2024-21018 6.1 - Medium - April 16, 2024

Oracle CMRO 12.2.3-12.2.13 - Unauth HTTP Vulnerability
CVE-2024-21034 - April 16, 2024

Oracle CMRO LOV Unauth HTTP Exploit (12.2.3-12.2.13)
CVE-2024-21016 6.1 - Medium - April 16, 2024

Oracle EBS LOV HTTP unauth Access CVE-2024-21046 before 12.2.13
CVE-2024-21046 6.1 - Medium - April 16, 2024

Oracle CMRO LOv: v12.2.3-12.2.13 Unauth HTTP Access
CVE-2024-21043 6.1 - Medium - April 16, 2024

Unauth HTTP CVE-2024-21041 in Oracle CMRO LOV 12.2.3-12.2.13
CVE-2024-21041 6.1 - Medium - April 16, 2024

Oracle EBS CMRO LOV 12.2.3-12.2.13 HTTP CVE-2024-21040
CVE-2024-21040 6.1 - Medium - April 16, 2024

Oracle CMRO 12.2.3-12.2.13 Unauth HTTP Exploit, Scope Change
CVE-2024-21036 6.1 - Medium - April 16, 2024

Oracle EBS LOV Unauth HTTP Vulnerability 12.2.3-13.0
CVE-2024-21023 6.1 - Medium - April 16, 2024

CVE-2024-21021: Unauth HTTP Remote Use in Oracle Complex Maint 12.2.x (LOV)
CVE-2024-21021 - April 16, 2024

Unauthenticated HTTP Exploit Enables Data Access in Oracle CMR 12.2.3-12.2.13
CVE-2024-21035 6.1 - Medium - April 16, 2024

Oracle CMO LOV CVE-2024-21031: Unauth Access 12.2.3-12.2.13
CVE-2024-21031 6.1 - Medium - April 16, 2024

Unauthenticated HTTP Exploit in Oracle CMRO 12.2.x (LOV)
CVE-2024-21030 6.1 - Medium - April 16, 2024

Oracle EBS CMO v12.2.3-12.2.13 Unauth HTTP Access (LOV)
CVE-2024-21029 6.1 - Medium - April 16, 2024

Oracle EBS OMR/LOV: Unauth HTTP Exploit (12.2.312.2.13)
CVE-2024-21028 6.1 - Medium - April 16, 2024

Oracle E-Business Suite CMO-LOV RCE CVE-2024-21027 (12.2.3-12.2.13)
CVE-2024-21027 6.1 - Medium - April 16, 2024

Oracle EBS 12.2.x: Unauth HTTP Data Mod/Disclosure via LOV
CVE-2024-21026 7.1 - High - April 16, 2024

Oracle Complex Maintenance LOV 12.2.13: Unauth HTTP Exploit (AV:N)
CVE-2024-21045 6.1 - Medium - April 16, 2024

Oracle EBS CMRO LOV VULN 12.2.3-12.2.13 - Unauth HTTP Access
CVE-2024-21044 6.1 - Medium - April 16, 2024

Oracle EBS LOV Unauth HTTP Exploit, 12.2.3-12.2.13
CVE-2024-21042 - April 16, 2024

Oracle EBS Complex Maintenance, Repair, and Overhaul v12.2.3-12.2.13 LoV Exploit
CVE-2024-21039 6.1 - Medium - April 16, 2024

CVE-2024-21038: Oracle EBS CMR LOV Vulnerability before 12.2.13 (6.1)
CVE-2024-21038 6.1 - Medium - April 16, 2024

Oracle EBS LOV: Unauth HTTP Access in 12.2.312.2.13 (scope change)
CVE-2024-21037 6.1 - Medium - April 16, 2024

Oracle CMO/Repair & Overhaul LOV v11.5/12.1/12.2 HTTP Unauth RCE (Scope Change)
CVE-2024-20942 6.1 - Medium - January 16, 2024

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Supported versions that are affected are 11.5, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box)
CVE-2021-2102 8.2 - High - January 20, 2021

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box)
CVE-2021-2104 8.2 - High - January 20, 2021

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box)
CVE-2021-2103 8.2 - High - January 20, 2021

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Complex Maintenance Repair Overhaul or by Oracle? Click the Watch button to subscribe.

Oracle
Vendor

Oracle Complex Maintenance Repair Overhaul
Product

Oracle Complex Maintenance Repair Overhaul

Don't miss out!

By the Year

Recent Oracle Complex Maintenance Repair Overhaul Security Vulnerabilities

Unauth Network HTTP CVE-2024-21017: Oracle EBS LOV 12.2.312.2.13 CVE-2024-21017 6.1 - Medium - April 16, 2024

Oracle EBS CMRO 12.2.3-12.2.13 unauth HTTP flaw yields unauthorized data access CVE-2024-21033 6.1 - Medium - April 16, 2024

Oracle EBS CMRO LOV PrivEsc v12.2.3-12.2.13 CVE-2024-21032 6.1 - Medium - April 16, 2024

Oracle CMRO 12.2.3-12.2.13 LOV Unauth HTTP RCE CVE-2024-21025 6.1 - Medium - April 16, 2024

Oracle EBS CMO (LOV) CVE-2024-21024: Uauth HTTP Read/Write (12.2.3-12.2.13) CVE-2024-21024 6.1 - Medium - April 16, 2024

Oracle EBS LOV 12.2.3-12.2.13 CVE-2024-21022: UI RCE CVE-2024-21022 6.1 - Medium - April 16, 2024

Oracle CMRRO LOV Unauth HTTP Data Breach CVE-2024-21020 CVE-2024-21020 6.1 - Medium - April 16, 2024

Oracle EBS: Unauth HTTP RCE in LOV (12.2.3-12.2.13) Data Compromise CVE-2024-21019 6.1 - Medium - April 16, 2024

Oracle CMO 12.2.3-13 LOV RCE Vulnerability CVE-2024-21018 6.1 - Medium - April 16, 2024

Oracle CMRO 12.2.3-12.2.13 - Unauth HTTP Vulnerability CVE-2024-21034 - April 16, 2024

Oracle CMRO LOV Unauth HTTP Exploit (12.2.3-12.2.13) CVE-2024-21016 6.1 - Medium - April 16, 2024

Oracle EBS LOV HTTP unauth Access CVE-2024-21046 before 12.2.13 CVE-2024-21046 6.1 - Medium - April 16, 2024

Oracle CMRO LOv: v12.2.3-12.2.13 Unauth HTTP Access CVE-2024-21043 6.1 - Medium - April 16, 2024

Unauth HTTP CVE-2024-21041 in Oracle CMRO LOV 12.2.3-12.2.13 CVE-2024-21041 6.1 - Medium - April 16, 2024

Oracle EBS CMRO LOV 12.2.3-12.2.13 HTTP CVE-2024-21040 CVE-2024-21040 6.1 - Medium - April 16, 2024

Oracle CMRO 12.2.3-12.2.13 Unauth HTTP Exploit, Scope Change CVE-2024-21036 6.1 - Medium - April 16, 2024

Oracle EBS LOV Unauth HTTP Vulnerability 12.2.3-13.0 CVE-2024-21023 6.1 - Medium - April 16, 2024

CVE-2024-21021: Unauth HTTP Remote Use in Oracle Complex Maint 12.2.x (LOV) CVE-2024-21021 - April 16, 2024

Unauthenticated HTTP Exploit Enables Data Access in Oracle CMR 12.2.3-12.2.13 CVE-2024-21035 6.1 - Medium - April 16, 2024

Oracle CMO LOV CVE-2024-21031: Unauth Access 12.2.3-12.2.13 CVE-2024-21031 6.1 - Medium - April 16, 2024

Unauthenticated HTTP Exploit in Oracle CMRO 12.2.x (LOV) CVE-2024-21030 6.1 - Medium - April 16, 2024

Oracle EBS CMO v12.2.3-12.2.13 Unauth HTTP Access (LOV) CVE-2024-21029 6.1 - Medium - April 16, 2024

Oracle EBS OMR/LOV: Unauth HTTP Exploit (12.2.312.2.13) CVE-2024-21028 6.1 - Medium - April 16, 2024

Oracle E-Business Suite CMO-LOV RCE CVE-2024-21027 (12.2.3-12.2.13) CVE-2024-21027 6.1 - Medium - April 16, 2024

Oracle EBS 12.2.x: Unauth HTTP Data Mod/Disclosure via LOV CVE-2024-21026 7.1 - High - April 16, 2024

Oracle Complex Maintenance LOV 12.2.13: Unauth HTTP Exploit (AV:N) CVE-2024-21045 6.1 - Medium - April 16, 2024

Oracle EBS CMRO LOV VULN 12.2.3-12.2.13 - Unauth HTTP Access CVE-2024-21044 6.1 - Medium - April 16, 2024

Oracle EBS LOV Unauth HTTP Exploit, 12.2.3-12.2.13 CVE-2024-21042 - April 16, 2024

Oracle EBS Complex Maintenance, Repair, and Overhaul v12.2.3-12.2.13 LoV Exploit CVE-2024-21039 6.1 - Medium - April 16, 2024

CVE-2024-21038: Oracle EBS CMR LOV Vulnerability before 12.2.13 (6.1) CVE-2024-21038 6.1 - Medium - April 16, 2024

Oracle EBS LOV: Unauth HTTP Access in 12.2.312.2.13 (scope change) CVE-2024-21037 6.1 - Medium - April 16, 2024

Oracle CMO/Repair & Overhaul LOV v11.5/12.1/12.2 HTTP Unauth RCE (Scope Change) CVE-2024-20942 6.1 - Medium - January 16, 2024

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box) CVE-2021-2102 8.2 - High - January 20, 2021

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box) CVE-2021-2104 8.2 - High - January 20, 2021

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box) CVE-2021-2103 8.2 - High - January 20, 2021