3 matches found
CVE-2018-3215
Vulnerability in the Oracle Endeca Information Discovery Integrator component of Oracle Fusion Middleware subcomponent: Integrator ETL. Supported versions that are affected are 3.1.0 and 3.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Oracle Endeca Information Discovery Integrator ETL Server UploadFileContent Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists within the handling of file uploads using...
Oracle Endeca Information Discovery Integrator ETL Server Authentication Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is not required to exploit this vulnerability. The specific flaw exists within the generation and use of session hashes. The issue lies in the use of...