Lucene search
K
OracleEssbase Administration Services

7 matches found

CVE
CVE
added 2019/11/08 2:46 p.m.296 views

CVE-2019-10219

The CVE-2019-10219 entry affects Hibernate Validator: SafeHtml validator annotation fails to sanitize HTML comments/instructions, enabling XSS in affected code paths. Affected CP4S versions are 1.7.2.0, 1.8.0.0, and 1.8.1.0. Remediation is to upgrade to Cloud Pak for Security 1.9.0.0 per IBM guid...

6.5CVSS6AI score0.02167EPSS
CVE
CVE
added 2022/01/19 11:21 a.m.62 views

CVE-2021-35683

CVE-2021-35683 affects Oracle Essbase Administration Services (EAS Console) in Oracle Essbase; affected versions are before 11.1.2.4.047. The vulnerability enables a low-privilege, network-accessible attacker over HTTP to compromise EAS, with the potential to takeover the Essbase Administration S...

9.9CVSS9AI score0.01191EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.61 views

CVE-2021-35652

The CVE-2021-35652 issue affects Oracle Essbase EAS Console in Oracle Essbase. Affected versions are pre-11.1.2.4.046 and pre-21.3; the vulnerability enables an unauthenticated, network-accessible attacker over HTTP to compromise Essbase Administration Services, with potential takeover of the ser...

10CVSS9.2AI score0.01813EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.60 views

CVE-2021-35651

CVE-2021-35651 affects Oracle Essbase EAS Console. Affected versions are prior to 11.1.2.4.046 and prior to 21.3. An attacker with low privileges on the network can access via HTTP to compromise Essbase Administration Services, potentially leading to unauthorized access to data and unauthorized u...

8.5CVSS8.2AI score0.01008EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.58 views

CVE-2021-35653

CVE-2021-35653 affects Oracle Essbase Essbase Administration Services (EAS Console). Vulnerable in Essex versions prior to 11.1.2.4.046 and prior to 21.3; an unauthenticated, low-privilege attacker with network access via HTTP can compromise EAS and potentially gain unauthorized access to data ac...

7.7CVSS7.5AI score0.01202EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.55 views

CVE-2021-35654

The CVE-2021-35654 issue affects Oracle Essbase EAS Console within Essbase Administration Services, with affected versions listed as prior to 11.1.2.4.046 and prior to 21.3. An unauthenticated attacker with network access over HTTP can cause the Essbase Administration Services to hang or crash re...

7.5CVSS7.4AI score0.01528EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.55 views

CVE-2021-35655

CVE-2021-35655 affects Oracle Essbase EAS Console within Essbase Administration Services. Affected products/versions are prior to 11.1.2.4.046 and prior to 21.3. The issue allows an unauthenticated, network-accessible attacker via HTTP to read a subset of Essbase Administration Services data. The...

5.3CVSS4.8AI score0.01134EPSS