N/A

Vulnerability in the Oracle Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported version that is affected is Prior to 11.1.2.4.047. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase Administration Services. While the vulnerability is in Oracle Essbase Administration Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Essbase Administration Services. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

N/A

Oracle Essbase 安全漏洞

Oracle Essbase是美国甲骨文（Oracle）公司的一个应用软件。使组织能够使用假设分析和数据可视化工具从多维数据集中快速生成洞察力。 Oracle Essbase 的 Oracle Essbase 管理服务产品中存在安全漏洞，该漏洞允许通过 HTTP 访问网络的低权限攻击者破坏 Oracle Essbase 管理服务。虽然该漏洞存在于 Oracle Essbase 管理服务中，但攻击可能会严重影响其他产品。成功攻击此漏洞可导致 Oracle Essbase 管理服务被接管。

N/A

N/A