CVE-2018-2610Corporation Hyperion Data Relationship Management vulnerability

3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.6%
top 31.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Hyperion Data Relationship ManagementOracle Hyperion Data Relationship Management
Timeline
PublishedJan 18
Latest updateMay 13

Description

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). The supported version that is affected is 11.1.2.4.330. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Data Relationship Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hyperion Data Relationship Management accessible data. CVSS 3.0 Base Score 5.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-fg79-67xj-wr9v: Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security)2022-05-13
CVEList
CVE-2018-2610: Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security)2018-01-18
CVE-2018-2610 — MEDIUM severity | cvebase