111 matches found
Design/Logic Flaw
Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful...
CVE-2024-20980
CVE-2024-20980 affects the Oracle BI Publisher Web Server in Oracle Analytics, impacting versions 6.4.0.0.0 and 7.0.0.0.0. The vulnerability can be exploited by a low-privilege attacker with network access over HTTP, requiring user interaction, to cause unauthorized updates/inserts/deletes and un...
Oracle Business Intelligence Publisher (January 2024 CPU)
The versions of Oracle Business Intelligence Publisher installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are...
Oracle Business Intelligence Publisher 6.4 / 7.0 (OAS) (January 2024 CPU)
The versions of Oracle Business Intelligence Publisher OAS installed on the remote host are affected by a vulnerability as referenced in the January 2024 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affecte...
Vulnerabilities fixed in Oracle Analytics
Oracle has fixed vulnerabilities in several Analytics products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has...
CVE-2024-20979
Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...
CVE-2024-20904
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...
Buffer overflow
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...
CVE-2024-20987
CVE-2024-20987 affects Oracle BI Publisher Web Server (Oracle Analytics). Version 12.2.1.4.0 is vulnerable due to insufficient input validation in the Web Server component. An unauthenticated attacker with network access over HTTP, requiring user interaction, can lead to unauthorized update/inser...
CVE-2024-20979
Oracle BI Publisher (Oracle Analytics) contains CVE-2024-20979 affecting Web Server component. Affected versions: 6.4.0.0.0, 7.0.0.0.0, and 12.2.1.4.0. The vulnerability is exploitable over HTTP with network access by a low-privileged user and user interaction is required. Impact includes potenti...
CVE-2024-20904
CVE-2024-20904 affects Oracle Business Intelligence Enterprise Edition (pod Admin) versions 6.4.0.0.0 and 12.2.1.4.0. The issue arises from insufficient input validation in the Pod Admin component, allowing a low-privileged attacker with network access via HTTP to read a subset of data. Attacks m...
Oracle BI Publisher Security Vulnerability
Oracle BI Publisher is a reporting solution from Oracle Corporation USA that makes it easier and faster to create, manage and deliver all reports and documents than traditional reporting tools. A security vulnerability exists in Oracle BI Publisher version 12.2.1.4.0 for Oracle Analytics. An...
Oracle Business Intelligence Enterprise Edition Security Vulnerability
Oracle Business Intelligence Enterprise Edition is an intelligent business analytics software from Oracle. Visualize and analyze enterprise data to aid decision-making, reduce total cost of ownership, and increase ROI across the organization. A security vulnerability exists in Oracle Business...
Oracle Business Intelligence Enterprise Edition (OAS 7.0) (October 2023 CPU)
The version of Oracle Business Intelligence Enterprise Edition OAS 7.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...
Oracle Business Intelligence Publisher 6.4 / 7.0 (OAS) (October 2023 CPU)
The versions of Oracle Business Intelligence Publisher OAS installed on the remote host are affected by a vulnerability as referenced in the October 2023 CPU advisory. - Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are...
Vulnerabilities fixed in Oracle Analytics
Vulnerabilities have been fixed in Oracle Analytics products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Accessing syst...
CVE-2023-22105
Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks requir...
CVE-2023-22109
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Dashboards. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...
CVE-2023-22109
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Dashboards. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...
CVE-2023-22105
Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks requir...