Oracle Business Intelligence Enterprise Edition (OAS 6.4) (January 2024 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 6.4.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product...

The vulnerability of the Pod Admin component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to disclose protected information.

The vulnerability of the Pod Admin component of the Oracle Business Intelligence Enterprise Edition software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information that is protected b...

CVE-2024-20904

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

CVE-2024-20904

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

Buffer overflow

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

CVE-2024-20904

CVE-2024-20904 affects Oracle Business Intelligence Enterprise Edition (pod Admin) versions 6.4.0.0.0 and 12.2.1.4.0. The issue arises from insufficient input validation in the Pod Admin component, allowing a low-privileged attacker with network access via HTTP to read a subset of data. Attacks m...

The vulnerability of the Pod Admin component of the Oracle Business Intelligence Enterprise Edition software platform allows a malicious individual to gain access to read, modify, add, or delete data.

The vulnerability of the Pod Admin component of the Oracle Business Intelligence Enterprise Edition software platform is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain access to read, modify, add, or delete data...

CVE-2023-22082

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

CVE-2023-22082

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

CVE-2023-22082

The CVE-2023-22082 issue affects Oracle BI Enterprise Edition (OAS) Pod Admin in Oracle Analytics for versions 6.4.0.0.0 and 7.0.0.0.0. Root cause: insufficient input validation in Pod Admin, allowing a low-privileged attacker with HTTP network access and user interaction to perform unauthorized ...