CVE-2020-2769

LOW

2.4

Beschreibung

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hyperion Financial Reporting accessible data. CVSS 3.0 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).

CVE Details

CVSS v3.1 Bewertung2.4

SchweregradLOW

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionREQUIRED

Veroffentlicht4/15/2020

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

oracle:hyperion_financial_reporting

Referenzen

https://www.oracle.com/security-alerts/cpuapr2020.html(secalert_us@oracle.com)

https://www.oracle.com/security-alerts/cpuapr2020.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.