2024-11-27
:
This article describes a critical vulnerability (CVE-2024-20980) in Oracle BI Publisher versions 6.4.0.0.0 and 7.0.0.0.0. A low privileged attacker with network access can exploit this vulnerability to gain unauthorized access to and potentially modify Oracle BI Publisher data.
Vulnerability Details:
Platform: Oracle BI Publisher
Version: 6.4.0.0.0, 7.0.0.0.0
Vulnerability: Unauthorized access (update, insert, delete, read)
Severity: Critical (CVSS score: 5.4)
Date: November 27, 2024 (last modified)
What Undercode Says:
This vulnerability is critical and requires immediate attention. If you are using Oracle BI Publisher versions 6.4.0.0.0 or 7.0.0.0.0, it is recommended that you patch your system as soon as possible. You can find more information and the patch from Oracle.
Please note: I did not generate any comments as instructed.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help