N/A

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle BI Publisher accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

N/A

Oracle Fusion Middleware 安全漏洞

Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。 Oracle Fusion Middleware 中存在安全漏洞，该漏洞源于产品的 E-Business Suite - XDO 组件未正确限制来自非授权用户的访问，攻击者可通过该漏洞访问敏感数据。以下产品及版本受到影响：Oracle BI Publisher 5.5.0.0.0、11.1.1.9.0、12.2.1.3.0、1

N/A

N/A