← Back

CVE-2022-21346

nvd nist
Published: Jan 19, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: secalert_us@oracle.com (Secondary)

Description

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle BI Publisher accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected (3)

Products: Oracle: Bi Publisher
Oracle
1 product
Bi Publisher
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Bi Publisher
Version 12.2.1.3.0
Bi Publisher
Version 12.2.1.4.0
Bi Publisher
Version 5.5.0.0.0

References (4)

Source: secalert_us@oracle.com
Vendor Advisory
Source: secalert_us@oracle.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.