Lucene search
K

174 matches found

Cvelist
Cvelist
added 2022/10/18 12:0 a.m.21 views

CVE-2022-21609

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. The supported version that is affected is 5.9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

5.7CVSS6.2AI score0.00587EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.7 views

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to gain access to read data or modify data through HTTP requests...

6.1CVSS6.9AI score0.00857EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/04/21 2:15 a.m.18 views

Cross site scripting

A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0,...

4.3CVSS5.9AI score0.40481EPSS
Exploits5References3Affected Software9
OSV
OSV
added 2022/04/21 12:0 a.m.22 views

CVE-2022-29548

A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0,...

4.6CVSS5.9AI score0.40481EPSS
Exploits5References5
CVE
CVE
added 2022/04/21 12:0 a.m.749 views

CVE-2022-29548

CVE-2022-29548 is a reflected Cross-Site Scripting (XSS) vulnerability in the WSO2 Management Console affecting API Manager and related products (e.g., API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0–3.2.0, 4.0.0; API Manager Analytics; API Microgateway; Data Analytics Server; Enterprise Integrator; IS as...

6.1CVSS5.8AI score0.40481EPSS
Exploits5References3Affected Software9
CVE
CVE
added 2022/04/19 8:38 p.m.89 views

CVE-2022-21492

CVE-2022-21492 affects Oracle Fusion Middleware’s Oracle BI Enterprise Edition (Analytics Server) with affected version 5.9.0.0.0. The vulnerability enables an unauthenticated attacker, over HTTP, to compromise Oracle BI EE. The exploit path requires user interaction and, while the flaw is in Ora...

6.1CVSS5.9AI score0.00857EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.40 views

Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jan 2021 CPU)

The version of Oracle Business Intelligence Publisher or Oracle Analytics Server 5.5 running on the remote host is 11.1.1.9.x prior to 11.1.1.9.210119, 12.2.1.3.x prior to 12.2.1.3.201216, 12.2.1.4.x prior to 12.2.1.4.201216, or 12.2.5.5.x OAS 5.5 prior to 12.2.5.5.201216. It is, therefore,...

7.6CVSS7.6AI score0.011EPSS
Exploits0References6
NVD
NVD
added 2020/08/27 4:15 p.m.25 views

CVE-2020-24704

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...

6.1CVSS6.3AI score0.00722EPSS
Exploits0References1
OSV
OSV
added 2020/08/27 4:15 p.m.16 views

CVE-2020-24704

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...

6.1CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2020/08/27 4:15 p.m.23 views

Cross site scripting

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...

4.3CVSS6.2AI score0.00722EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 2020/08/27 12:0 a.m.33 views

CVE-2020-24704

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...

6.1CVSS6.3AI score0.00722EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/08/27 12:0 a.m.10 views

PT-2020-15814 · Wso2 · Wso2 Identity Server Analytics +8

Name of the Vulnerable Software and Affected Versions: WSO2 API Manager versions 2.2.0 WSO2 API Manager Analytics versions 2.2.0 WSO2 API Microgateway versions 2.2.0 WSO2 Data Analytics Server versions 3.2.0 WSO2 Enterprise Integrator versions through 6.6.0 WSO2 IS as Key Manager versions 5.5.0...

8.8CVSS8.4AI score0.0105EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.5 views

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.7CVSS5.9AI score0.01357EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2020/01/23 3:59 a.m.32 views

Nord Security: User data not anonymized is sent to analytics server

A good report from @martinbydefault. Although we have never received the IDs and they could not be linked with any specific events, we have removed the connection events altogether. While, even prior to the fix, it was impossible to tie the ID with the username or activity, the reporter's concern...

6.6AI score
Exploits0
OSV
OSV
added 2020/01/15 5:15 p.m.6 views

CVE-2020-2535

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t...

4.7CVSS6.1AI score0.01357EPSS
Exploits0References1
Prion
Prion
added 2020/01/15 5:15 p.m.21 views

Buffer overflow

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t...

4.3CVSS4AI score0.01357EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/01/15 4:33 p.m.27 views

CVE-2020-2535

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t...

4.7CVSS4.1AI score0.01357EPSS
Exploits0References1
Symantec
Symantec
added 2020/01/14 12:0 a.m.17 views

Oracle Business Intelligence Enterprise Edition Multiple Remote Security Vulnerabilities

Description Oracle Business Intelligence Enterprise Edition is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Analytics Actions', 'BI Platform Security' and 'Analytics Server' components are affected. These vulnerabilities...

1AI score
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.18 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Analytics

Summary There are multiple vulnerabilities in IBMRuntime Environment JavaVersion 7 used by IBM Spectrum LSF Analytics. IBM Spectrum LSF Analytics has addressed the applicable CVEs. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and...

0.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.6 views

The vulnerability of the Analytics Server sub-component of the Oracle Business Intelligence Enterprise Edition component of the Oracle Fusion Middleware software allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software from Oracle Fusion Middleware is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add,...

8.2CVSS7.5AI score0.01562EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder