Vulnerability in Hyperion Financial Close Management by Oracle
CVE-2020-14546

4.2MEDIUM

Key Information:

Vendor: Oracle
Status: Hyperion Financial Close Management
Vendor: CVE Published:; 15 July 2020

Summary

The vulnerability in Oracle's Hyperion Financial Close Management (version 11.1.2.4) involves an access control issue within the Close Manager component. An attacker with high privileges and network access can exploit this flaw, but successful exploitation necessitates human interaction from a third party. An attacker can create, delete, or modify critical data stored within the application, posing serious risks to data integrity. As a result, this vulnerability represents a significant security concern for organizations using affected versions of Hyperion Financial Close Management.

Affected Version(s)

Hyperion Financial Close Management 11.1.2.4

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020