CVE-2024-21257

CVSS 3.1 Score 3.0 of 10 (low)

Details

Published Oct 15, 2024

Summary

CVE-2024-21257 is a vulnerability identified in the Oracle Hyperion BI+ product, specifically affecting version 11.2.18.0.000 of the UI and Visualization component. This vulnerability can be easily exploited by a low-privileged attacker who has access to the physical communication segment of the hardware running Oracle Hyperion BI+, requiring human interaction from an individual other than the attacker. If successfully exploited, it may allow unauthorized read access to certain data within Oracle Hyperion BI+. Organizations are advised to implement security measures as outlined in Oracle's security alerts to mitigate this risk. The vulnerability has a CVSS 3.1 Base Score of 3.0, indicating a low severity level with confidentiality impacts but no integrity or availability impacts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share