Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-21099


Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Data Visualization). The supported version that is affected is 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).


Published

2024-04-16T22:15:30.723

Last Modified

2025-05-08T14:21:56.673

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-125

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application oracle business_intelligence 7.0.0.0.0 Yes

References