234 matches found
The vulnerability of the web component of the Essbase Analytic Provider Services allows a perpetrator to trigger a service failure.
The vulnerability of the Essbase Analytic Provider Services web component is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Oracle JDeveloper XXE (July 2021 CPU)
The version of Oracle JDeveloper installed on the remote host is prior to 12.2.1.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory: - Vulnerability in the Essbase product of Oracle Essbase component: Infrastructure Apache Commons Compress. The...
CVE-2021-2435
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: JAPI. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic Provider Services...
CVE-2021-2435
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: JAPI. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic Provider Services...
CVE-2021-2433
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: Web Services. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic...
CVE-2021-2433
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: Web Services. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic...
Code injection
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: Web Services. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic...
Design/Logic Flaw
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: JAPI. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic Provider Services...
CVE-2021-2350
Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase component: EAS Console. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase...
CVE-2021-2350
Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase component: EAS Console. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase...
CVE-2021-2349
Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase component: EAS Console. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase...
CVE-2021-2349
Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase component: EAS Console. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase...
Design/Logic Flaw
Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase component: EAS Console. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase...
Design/Logic Flaw
Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase component: EAS Console. Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase...
Oracle Hyperion Essbase Administration Services has an unspecified vulnerability (CNVD-2021-56440)
Oracle Hyperion Essbase Administration Services is a robust, cross-platform graphical user interface that makes Essbase administration tasks easy to perform.Oracle Hyperion Essbase Administration Services 11.1.2.4. Release 21.2 contains a security vulnerability in the EAS Console component. An...
Oracle Hyperion Essbase Administration Services has an unspecified vulnerability (CNVD-2021-56441)
Oracle Hyperion Essbase Administration Services is a robust, cross-platform graphical user interface that makes Essbase administration tasks easy to perform.Oracle Hyperion Essbase Administration Services 11.1.2.4. Release 21.2 contains a security vulnerability in the EAS Console component. An...
CVE-2021-2435
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: JAPI. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic Provider Services...
CVE-2021-2435
Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase component: JAPI. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Analytic Provider Services...
CVE-2021-2435
CVE-2021-2435 affects Oracle Essbase Analytic Provider Services (EAPS) component JAPI in Oracle Essbase, affected version 11.1.2.4. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise EAPS, with human interaction required for exploitation. Consequences ...
CVE-2021-2433
CVE-2021-2433 affects Oracle’s Essbase Analytic Provider Services (Web Services) in Essbase. Affected versions are 11.1.2.4 and 21.2. An unauthenticated attacker with network access via HTTP can cause the service to hang or crash repeatedly (complete DOS). The CVSS 3.1 base score is 7.5 (Availabi...