ID CVE-2018-3178
Summary Vulnerability in the Hyperion Common Events component of Oracle Hyperion (subcomponent: User Interface). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Common Events. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Hyperion Common Events, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion Common Events accessible data as well as unauthorized read access to a subset of Hyperion Common Events accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
References
Vulnerable Configurations
  • Oracle Hyperion Common Events 11.1.2.4
    cpe:2.3:a:oracle:hyperion_common_events:11.1.2.4
CVSS
Base: 5.8
Impact:
Exploitability:
refmap via4
bid 105642
confirm http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
sectrack 1041898
Last major update 16-10-2018 - 21:31
Published 16-10-2018 - 21:31
Last modified 02-10-2019 - 20:03
Back to Top