Unauthorized Access in Oracle Business Intelligence Enterprise Edition
CVE-2020-14626

8.1HIGH

Key Information:

Vendor

Oracle
Status
Oracle Business Intelligence Enterprise Edition
Vendor
CVE Published:
15 July 2020

What is CVE-2020-14626?

A vulnerability exists in Oracle Business Intelligence Enterprise Edition, specifically in the Analytics Web General component of Oracle Fusion Middleware. This flaw allows an unauthenticated attacker with network access to exploit the system via HTTP. Successful attempts can lead to unauthorized takeover of the Oracle Business Intelligence platform. Systems running versions 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 are particularly at risk. Organizations using these versions must apply the latest security patches urgently to safeguard their data and infrastructure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Oracle Business Intelligence Enterprise Edition 5.5.0.0.0

Oracle Business Intelligence Enterprise Edition 11.1.1.9.0

Oracle Business Intelligence Enterprise Edition 12.2.1.3.0

References

https://www.oracle.com/security-alerts/cpujul2020.html
x_refsource_MISC
https://security.gentoo.org/glsa/202105-27
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.