漏洞标题
N/A
漏洞描述信息
Oracle Fusion Middleware中的Oracle商业智能企业版产品(组件:可视化分析器)的漏洞。受影响的支持版本是5.9.0.0.0和6.4.0.0.0。易 exploit 的漏洞允许通过HTTP方式获得网络访问的较低特权攻击者访问Oracle商业智能企业版。成功的攻击需要非攻击者的人类互动,尽管漏洞在Oracle商业智能企业版中,但攻击可能显著影响其他产品(范围更改)。利用此漏洞的成功攻击可能导致未经授权的更新、插入或删除访问某些Oracle商业智能企业版可用数据,以及未经授权的读取访问部分Oracle商业智能企业版可用数据的温度(CVSS 3.1基础得分5.4(保密性和完整性影响)。CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Oracle Business Intelligence Enterprise Edition 安全漏洞
漏洞描述信息
Oracle Business Intelligence Enterprise Edition是美国甲骨文(Oracle)公司的一款智能商业分析软件。对企业数据进行可视化分析,从而辅助决策、降低总体拥有成本并提高整个组织的投资回报率。 Oracle Business Intelligence Enterprise Edition 5.9.0.0.0 版本和 6.4.0.0.0 版本存在安全漏洞。低权限攻击者通过 HTTP 访问网络来破坏 Oracle 商务智能企业版。
CVSS信息
N/A
漏洞类别
其他