CVE-2018-3208

3 documents3 sources

Severity

7.7HIGH

EPSS

0.8%

top 26.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Hyperion Data Relationship Management Oracle Hyperion Data Relationship Management

Timeline

PublishedOct 17

Latest updateMay 13

Description

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). The supported version that is affected is 11.1.2.4.345. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Hyperion Data Relationship Management. While the vulnerability is in Hyperion Data Relationship Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can resul…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:NExploitability: 3.1 | Impact: 4.0

Affected Packages2 packages

▶NVDoracle/hyperion_data_relationship_management11.1.2.4.345

▶CVEListV5oracle_corporation/hyperion_data_relationship_management11.1.2.4.345

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-pff2-cgx3-69gw: Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security)↗2022-05-13

▶

CVEList

CVE-2018-3208: Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security)↗2018-10-17

▶