CVE-2021-2347
First published: Tue Jul 20 2021(Updated: )
Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructure Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hyperion Infrastructure Technology accessible data as well as unauthorized update, insert or delete access to some of Hyperion Infrastructure Technology accessible data. CVSS 3.1 Base Score 5.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Hyperion Infrastructure Technology | =11.2.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-2347.
What product is affected by this vulnerability?
The vulnerability affects the Hyperion Infrastructure Technology product of Oracle Hyperion.
What component of Oracle Hyperion is affected?
The vulnerability affects the Lifecycle Management component of Oracle Hyperion.
What is the affected version of Hyperion Infrastructure Technology?
The affected version is 11.2.5.0.
What is the severity level of this vulnerability?
The severity level of this vulnerability is medium with a score of 5.2.
How can an attacker exploit this vulnerability?
An attacker with high privileges and network access via HTTP can exploit this vulnerability.
Is there a fix or patch available for this vulnerability?
Please refer to the official Oracle security advisory for information on available patches and fixes.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability in the Oracle Security Alerts page: https://www.oracle.com/security-alerts/cpujul2021.html
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle hyperion infrastructure technology
- version/oracle hyperion infrastructure technology/11.2.5.0