Unauthenticated Access Flaw in Oracle E-Business Intelligence Suite
CVE-2020-2808

8.2HIGH

Key Information:

Vendor: Oracle
Status: E-business Intelligence
Vendor: CVE Published:; 15 April 2020

What is CVE-2020-2808?

An access vulnerability in Oracle E-Business Intelligence allows an unauthenticated attacker with network access to potentially compromise the system. Although exploitation requires human interaction from a third party, the consequences can include unauthorized access to sensitive data and various forms of data manipulation, such as updates, inserts, or deletions. This issue primarily affects versions 12.1.1 to 12.1.3 of Oracle E-Business Intelligence but can also impact other products in the suite, highlighting the importance of a robust security posture.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

E-Business Intelligence 12.1.1-12.1.3

References

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 15, 2020
Vulnerability Reserved
Dec 10, 2019

JSON

Oracle