CVE-2023-22011

Summary

CVE-2023-22011 is a vulnerability affecting Oracle Business Intelligence Enterprise Edition (OBIEE), specifically the Analytics Server component. Versions 6.4.0.0.0 and 7.0.0.0.0 are susceptible to this easily exploitable issue. A low-privileged attacker with network access can exploit this vulnerability via HTTP, resulting in unauthorized data manipulation and partial denial of service. The base score, according to the Common Vulnerability Scoring System (CVSS), is 5.4 for both integrity and availability impacts. The CVSS Vector is (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.