CVE-2026-34279 - Vulnerability Analysis
CriticalCVSS: 9.1Last Updated: April 21, 2026
Oracle Enterprise Manager - Privilege Escalation
Published: April 21, 2026Updated: April 21, 2026Remote Exploitable
Overview
Oracle Enterprise Manager Base Platform 13.5 and 24.1 contains a privilege escalation vulnerability in Event Management, letting high privileged attackers with network HTTP access take over the platform, exploit requires high privileges.
Severity & Score
Severity: Critical
CVSS Score: 9.1
Impact
High privileged attackers can fully compromise Oracle Enterprise Manager Base Platform, impacting confidentiality, integrity, and availability.
Mitigation
Update to the latest available version beyond 13.5 and 24.1.
Related Resources
Details
- CVE ID
- CVE-2026-34279
- Severity
- Critical
- CVSS Score
- 9.1
- Type
- broken_access_control
- Status
- new
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H