174 matches found
CVE-2022-21609
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. The supported version that is affected is 5.9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software allows a perpetrator to gain access to read data or modify data.
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to gain access to read data or modify data through HTTP requests...
Cross site scripting
A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0,...
CVE-2022-29548
A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0,...
CVE-2022-29548
CVE-2022-29548 is a reflected Cross-Site Scripting (XSS) vulnerability in the WSO2 Management Console affecting API Manager and related products (e.g., API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0–3.2.0, 4.0.0; API Manager Analytics; API Microgateway; Data Analytics Server; Enterprise Integrator; IS as...
CVE-2022-21492
CVE-2022-21492 affects Oracle Fusion Middleware’s Oracle BI Enterprise Edition (Analytics Server) with affected version 5.9.0.0.0. The vulnerability enables an unauthenticated attacker, over HTTP, to compromise Oracle BI EE. The exploit path requires user interaction and, while the flaw is in Ora...
Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jan 2021 CPU)
The version of Oracle Business Intelligence Publisher or Oracle Analytics Server 5.5 running on the remote host is 11.1.1.9.x prior to 11.1.1.9.210119, 12.2.1.3.x prior to 12.2.1.3.201216, 12.2.1.4.x prior to 12.2.1.4.201216, or 12.2.5.5.x OAS 5.5 prior to 12.2.5.5.201216. It is, therefore,...
CVE-2020-24704
An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...
CVE-2020-24704
An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...
Cross site scripting
An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...
CVE-2020-24704
An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...
PT-2020-15814 · Wso2 · Wso2 Identity Server Analytics +8
Name of the Vulnerable Software and Affected Versions: WSO2 API Manager versions 2.2.0 WSO2 API Manager Analytics versions 2.2.0 WSO2 API Microgateway versions 2.2.0 WSO2 Data Analytics Server versions 3.2.0 WSO2 Enterprise Integrator versions through 6.6.0 WSO2 IS as Key Manager versions 5.5.0...
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
Nord Security: User data not anonymized is sent to analytics server
A good report from @martinbydefault. Although we have never received the IDs and they could not be linked with any specific events, we have removed the connection events altogether. While, even prior to the fix, it was impossible to tie the ID with the username or activity, the reporter's concern...
CVE-2020-2535
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t...
Buffer overflow
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t...
CVE-2020-2535
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t...
Oracle Business Intelligence Enterprise Edition Multiple Remote Security Vulnerabilities
Description Oracle Business Intelligence Enterprise Edition is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Analytics Actions', 'BI Platform Security' and 'Analytics Server' components are affected. These vulnerabilities...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Analytics
Summary There are multiple vulnerabilities in IBMRuntime Environment JavaVersion 7 used by IBM Spectrum LSF Analytics. IBM Spectrum LSF Analytics has addressed the applicable CVEs. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and...
The vulnerability of the Analytics Server sub-component of the Oracle Business Intelligence Enterprise Edition component of the Oracle Fusion Middleware software allows a perpetrator to access, modify, add, or delete data.
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software from Oracle Fusion Middleware is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add,...