CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-2350

HIGH
7.5
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile33.01th
Published2021年7月21日
Last Modified2024年11月21日

Vulnerability Description

Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase (component: EAS Console). Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase Administration Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hyperion Essbase Administration Services accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected Platforms (CPE)

📦
Oracle

Hyperion Essbase Administration Services

= 11.1.2.4
📦
Oracle

Hyperion Essbase Administration Services

= 21.2

References & Advisories

🔗 https://www.oracle.com/security-alerts/cpujul2021.html
🔗 https://www.oracle.com/security-alerts/cpujul2021.html

相关漏洞威胁

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2021-23498.6

Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase (component: EAS Console). Supported versio...

CVE-2018-31427.7

Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The suppor...

CVE-2018-31406.1

Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The suppor...