Vulnerabilities fixed in Oracle Analytics

🗓️ 19 Oct 2023 00:00:00Reported by NCSCType

ncsc

ncsc🔗 advisories.ncsc.nl👁 7 Views

Oracle fixed vulnerabilities in Oracle Analytics, including BI Publisher and BI Enterprise Edition.

Reporter	Title	Published	Views	Family All 2027
IBM Security Bulletins	Security Bulletin: Multipe vulnerabilities in DITA may affect IBM Business Automation Workflow Case Management docGenerator feature (CVE-2023-2976, CVE-2022-44729, CVE-2022-44730)	12 Dec 202309:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to remote code execution due to Apache Commons Configuration (CVE-2022-33980)	6 Sep 202216:47	–	ibm
IBM Security Bulletins	Security Bulletin: A Security Vulnerability has been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2019-10086)	23 Jun 202019:24	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [ CVE-2023-30861]	4 Mar 202509:04	–	ibm
IBM Security Bulletins	Security Bulletin: Session Cookie Exposure via Improper Cache Handling in Flask (≤ v2.3.1, ≤ v2.2.4), affects watsonx.data	8 Apr 202610:31	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2019-10086)	24 Mar 202012:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Google Guava [CVE-2023-2976]	29 Sep 202320:53	–	ibm
IBM Security Bulletins	Security Bulletin: Use of Java's default temporary directory for file creation in `FileBackedOutputStream` allows other users and apps to be able to access the files created by the class, which affects IBM watsonx.data	29 Aug 202514:29	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server which is used by IBM Rational ClearQuest (CVE-2019-10086)	10 Dec 201902:23	–	ibm
IBM Security Bulletins	Security Bulletin: Remediation of Multiple Apache Struts 1.1 Vulnerabilities in IBM Library Support for Struts	16 Jan 202609:15	–	ibm

19 Oct 2023 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5 - 9.9

CVSS 27.5

EPSS0.8383

SSVC

Oracle Analytics Publisher Business Intelligence Edition Vulnerabilities fixed