CVE-2024-20913

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 17, 2024

Updated: Feb 20, 2024

Summary

CVE-2024-20913 is a vulnerability affecting Oracle Business Intelligence Enterprise Edition version 12.2.1.4.0 of Oracle Analytics. This issue, which has a base score of 5.4 in CVSS 3.1, allows a low-privileged attacker with network access via HTTP to potentially compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction and may result in unauthorized update, insert, or delete access to some data, as well as unauthorized read access to a subset of data. The impact goes beyond Oracle Business Intelligence Enterprise Edition as it may significantly affect additional products, making this a potential scope change issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database