12 matches found
CVE-2021-45105
Summary of CVE-2021-45105 (Log4j2) : Affected Log4j 2.x versions 2.0-alpha1 through 2.16.0 (except 2.12.3 and 2.3.1) are vulnerable to denial of service via uncontrolled recursion triggered by self-referential lookups in Thread Context Map data. The root cause is improper handling of self-referen...
CVE-2024-21257
CVE-2024-21257 affects Oracle Hyperion BI+ (UI and Visualization) 11.2.18.0.000. A vulnerability due to insufficient input validation in the UI/Visualization component allows a low-privileged attacker with network-adjacent access and user interaction to read a subset of data. Exploitation require...
CVE-2017-10312
The CVE-2017-10312 entry concerns Oracle Hyperion BI+ UI/Visualization in Oracle Hyperion, affected version 11.1.2.4. The vulnerability is described as easily exploitable with network access via HTTP, requiring user interaction, and can lead to unauthorized access to data and possible unauthorize...
CVE-2020-14770
Concretely affected product: Oracle Hyperion BI+ (IQR-Foundation service) with version 11.1.2.4. Root cause/impact described across sources: vulnerability allows a high-privilege attacker with network access (via multiple protocols) to read a subset of Hyperion BI+ data; exploitation requires use...
CVE-2018-3184
CVE-2018-3184 affects Oracle Hyperion BI+ (IQR - Foundation Services) with version 11.1.2.4. The vulnerability permits an attacker with network access via HTTP to read a subset of Hyperion BI+ data, with exploitation requiring user interaction from another user. The documents do not provide expli...
CVE-2017-10359
CVE-2017-10359 affects Oracle Hyperion BI+ UI and Visualization in Oracle Hyperion, specifically version 11.1.2.4. The vulnerability is exploitable over HTTP with network access and requires user interaction; it can allow an unauthenticated attacker to read and also update/insert/delete data with...
CVE-2018-2594
The CVE-2018-2594 entry concerns Oracle Hyperion BI+ (Foundation UI & Servlets) affected in version 11.1.2.4. The vulnerability enables a high-privilege attacker with network access via HTTP to compromise Hyperion BI+, with exploitation requiring user interaction. Impact includes unauthorized upd...
CVE-2019-2415
CVE-2019-2415 affects Oracle Hyperion BI+ (Foundation UI & Servlets) with the 11.1.2.4 release. The vulnerability enables a high-privilege attacker, over network HTTP, to read, update, insert, or delete Hyperion BI+ data and to cause partial denial of service, with human interaction required. The...
CVE-2021-2439
CVE-2021-2439 affects Oracle Hyperion BI+ (UI and Visualization). Affected versions are 11.1.2.4 and 11.2.5.0. The vulnerability can be exploited by an unauthenticated attacker over HTTP with network access; exploitation requires human interaction from another user. Successful attacks may disclos...
CVE-2020-14560
The CVE-2020-14560 entry concerns Oracle Hyperion BI+ (UI and Visualization) with affected version 11.1.2.4. The vulnerability is described as difficult to exploit, requiring high privileges and network access via HTTP, with user interaction needed, and could lead to unauthorized access to confid...
CVE-2018-2595
CVE-2018-2595 affects Oracle Hyperion Hyperion BI+ Foundation UI & Servlets (11.1.2.4). A high-privilege attacker who can access via HTTP and coerces user interaction can read, update, insert, or delete Hyperion BI+ data and potentially cause a partial denial of service, according to CVSS 3.0 (ba...
CVE-2020-14767
The CVE-2020-14767 entry relates to Oracle Hyperion BI+ (IQR-Foundation service) with affected version 11.1.2.4. The vulnerability is described as exploitable by a high-privilege attacker with network access via multiple protocols, requiring user interaction, and capable of granting access to all...