CyberSec.Space Logo
Back to CVE Browser

CVE-2021-35683

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.0320%
EPSS Percentile1.81th
PublishedJan 19, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

Vulnerability in the Oracle Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported version that is affected is Prior to 11.1.2.4.047. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase Administration Services. While the vulnerability is in Oracle Essbase Administration Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Essbase Administration Services. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Affected Platforms (CPE)

📦
Oracle

Essbase Administration Services

< 11.1.2.4.047

References & Advisories

🔗 https://www.oracle.com/security-alerts/cpujan2022.html
🔗 https://www.oracle.com/security-alerts/cpujan2022.html

Related Vulnerabilities

CVE-2021-3565210.0

Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions th...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2021-23498.6

Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase (component: EAS Console). Supported versio...

CVE-2021-356518.5

Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions th...