Oracle Business Intelligence Enterprise Edition (July 2024 CPU)
Discription

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory, including the following: Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: BI FNDN (Apache XMLBeans)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Business Intelligence Enterprise Edition. (CVE-2021-23926) Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Storage Service Integration (Nimbus JOSE+JWT)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Business Intelligence Enterprise…Read More

Back to Main

Subscribe for the latest news: