cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-21961,https://securityvulnerability.io/vulnerability/CVE-2023-21961,Vulnerability in Oracle Hyperion Essbase Administration Services,"A vulnerability exists in the Oracle Hyperion Essbase Administration Services, specifically within the EAS Administration and EAS Console components. An attacker with privileged credentials can exploit this vulnerability to gain unauthorized access to sensitive data within the Oracle Hyperion environment. This exploitation can potentially lead to a significant compromise of various products integrated with the Oracle Hyperion system, as the effects of the breach may extend beyond the compromised service. Organizations using the affected version, 21.4.3.0.0, should prioritize patching and enhancing their security posture to mitigate risks associated with unauthorized data access.",Oracle,Hyperion Essbase Administration Services,6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2021-35683,https://securityvulnerability.io/vulnerability/CVE-2021-35683,Arbitrary Code Execution Vulnerability in Oracle Essbase Administration Services,"A vulnerability in the Oracle Essbase Administration Services allows a low-privileged attacker with network access via HTTP to execute arbitrary code. This security issue affects the EAS Console component of Oracle Essbase and could lead to unauthorized control over the system. Successful exploitation can jeopardize the confidentiality, integrity, and availability of the affected product, significantly impacting related services.",Oracle,Hyperion Essbase Administration Services,9.9,CRITICAL,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:21:44.000Z,0
CVE-2021-35655,https://securityvulnerability.io/vulnerability/CVE-2021-35655,Unauthorized Read Access Vulnerability in Oracle Essbase Administration Services,"A vulnerability exists in Oracle Essbase Administration Services (EAS Console) that allows an unauthenticated attacker with network access via HTTP to exploit the system. This vulnerability affects EAS versions prior to 11.1.2.4.046 and prior to 21.3, enabling unauthorized users to gain read access to sensitive data within the system. Proper security measures must be implemented to mitigate the risk associated with this vulnerability. For further details, refer to Oracle's security alerts.",Oracle,Hyperion Essbase Administration Services,5.3,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2021-10-20T10:51:34.000Z,0
CVE-2021-35654,https://securityvulnerability.io/vulnerability/CVE-2021-35654,Denial of Service Vulnerability in Oracle Essbase Administration Services,"An unauthenticated vulnerability in the Essbase Administration Services of Oracle Essbase allows attackers with network access to disrupt service. Exploitation enables attackers to cause a denial of service, leading to frequent crashes or hang-ups of the Essbase Administration Services. This vulnerability affects specific versions prior to 11.1.2.4.046 and 21.3, highlighting the importance of timely updates and patches to safeguard against unauthorized network attacks.",Oracle,Hyperion Essbase Administration Services,7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2021-10-20T10:51:33.000Z,0
CVE-2021-35653,https://securityvulnerability.io/vulnerability/CVE-2021-35653,Unauthorized Access Flaw in Oracle Essbase Administration Services,"A vulnerability exists in Oracle Essbase Administration Services allowing low-privileged attackers with network access via HTTP to compromise the service. The flaw impacts versions prior to 11.1.2.4.046 and 21.3, potentially leading to unauthorized access to sensitive data. While the vulnerability is primarily in the EAS Console, it poses risks to additional integrated products, enabling attackers to exploit this weakness to gain critical information or full access to data managed by Essbase Administration Services.",Oracle,Hyperion Essbase Administration Services,7.7,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-10-20T10:51:32.000Z,0
CVE-2021-35652,https://securityvulnerability.io/vulnerability/CVE-2021-35652,Unattended Remote Code Execution Vulnerability in Oracle Essbase Administration Services,"A vulnerability in Oracle's Essbase Administration Services component allows an unauthenticated attacker with network access via HTTP to compromise the services. Affected versions include those prior to 11.1.2.4.046 and 21.3, making it particularly critical for users operating outdated releases. Successful exploitation can lead to full control over Essbase Administration Services, posing significant risk to its integrity, confidentiality, and availability. Attackers can leverage this vulnerability to perform unauthorized actions, resulting in widespread consequences across additional Oracle products.",Oracle,Hyperion Essbase Administration Services,10,CRITICAL,0.010459999553859234,false,,false,false,false,,,false,false,,2021-10-20T10:51:31.000Z,0
CVE-2021-35651,https://securityvulnerability.io/vulnerability/CVE-2021-35651,Unauthorized Access Vulnerability in Oracle Essbase Administration Services,"The vulnerability in Oracle's Essbase Administration Services allows low-privileged attackers with network access through HTTP to gain unauthorized access. This compromise can lead to significant risks, including unauthorized updates, inserts, or deletions of data within the Essbase Administration Services environment. Exploiting this vulnerability may expose sensitive data and disrupt essential services, impacting various interconnected products beyond Essbase itself.",Oracle,Hyperion Essbase Administration Services,8.5,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-10-20T10:51:29.000Z,0
CVE-2021-2350,https://securityvulnerability.io/vulnerability/CVE-2021-2350,Unauthorized Access Vulnerability in Oracle Hyperion Essbase Administration Services,"The Hyperion Essbase Administration Services, a product of Oracle Essbase, is susceptible to an unauthorized access vulnerability that can be exploited by unauthenticated attackers with network access via HTTP. This flaw enables malicious actors to potentially gain access to sensitive data within the service. Affected versions include 11.1.2.4 and 21.2, posing significant risks to data confidentiality and integrity.",Oracle,Hyperion Essbase Administration Services,7.5,HIGH,0.004110000096261501,false,,false,false,false,,,false,false,,2021-07-20T22:43:28.000Z,0
CVE-2021-2349,https://securityvulnerability.io/vulnerability/CVE-2021-2349,Unauthenticated Access Vulnerability in Oracle Hyperion Essbase Administration Services,"A critical vulnerability exists in the Oracle Hyperion Essbase Administration Services, specifically within the EAS Console component. This weakness allows an unauthenticated attacker with network access via HTTP to exploit the system. While the vulnerability specifically impacts Hyperion Essbase Administration Services, successful exploitation could lead to unauthorized access to sensitive data, compromising the integrity of the entire service. Affected versions include 11.1.2.4 and 21.2, highlighting the urgency for users to assess their exposure and implement protective measures as soon as possible.",Oracle,Hyperion Essbase Administration Services,8.6,HIGH,0.004110000096261501,false,,false,false,false,,,false,false,,2021-07-20T22:43:27.000Z,0
CVE-2018-3141,https://securityvulnerability.io/vulnerability/CVE-2018-3141,,"Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase Administration Services. While the vulnerability is in Hyperion Essbase Administration Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion Essbase Administration Services accessible data. CVSS 3.0 Base Score 5.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N).",Oracle,Hyperion Essbase Administration Services,5.8,MEDIUM,0.001339999958872795,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2018-3142,https://securityvulnerability.io/vulnerability/CVE-2018-3142,,"Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Hyperion Essbase Administration Services. While the vulnerability is in Hyperion Essbase Administration Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hyperion Essbase Administration Services accessible data. CVSS 3.0 Base Score 7.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).",Oracle,Hyperion Essbase Administration Services,7.7,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2018-3140,https://securityvulnerability.io/vulnerability/CVE-2018-3140,,"Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase Administration Services. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Hyperion Essbase Administration Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion Essbase Administration Services accessible data as well as unauthorized read access to a subset of Hyperion Essbase Administration Services accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hyperion Essbase Administration Services,6.1,MEDIUM,0.0011099999537691474,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0