CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-35683

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.0320%
EPSS Percentile1.81th
Published2022年1月19日
Last Modified2024年11月21日

Vulnerability Description

Vulnerability in the Oracle Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported version that is affected is Prior to 11.1.2.4.047. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase Administration Services. While the vulnerability is in Oracle Essbase Administration Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Essbase Administration Services. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Affected Platforms (CPE)

📦
Oracle

Essbase Administration Services

< 11.1.2.4.047

References & Advisories

🔗 https://www.oracle.com/security-alerts/cpujan2022.html
🔗 https://www.oracle.com/security-alerts/cpujan2022.html

相關漏洞威脅

CVE-2021-3565210.0

Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions th...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2021-23498.6

Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase (component: EAS Console). Supported versio...

CVE-2021-356518.5

Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions th...