cbcvebase.
CVE-2021-2401
published 2021-07-21

CVE-2021-2401: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are…

PriorityP353medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
84.82%
99.7th percentile
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle BI Publisher accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Affected

8 ranges
VendorProductVersion rangeFixed in
oraclebi_publisher
oraclebi_publisher
oraclebi_publisher
oraclebi_publisher
oracle_corporationbi_publisher
oracle_corporationbi_publisher
oracle_corporationbi_publisher
oracle_corporationbi_publisher

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2021-2401 affects Oracle BI Publisher via HTTP with no authentication required (PR:N/UI:N), target the E-Business Suite - XDO component; monitor for unauthenticated HTTP requests to BI Publisher XDO endpoints
  • Affected Oracle BI Publisher versions are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0; flag traffic to/from unpatched instances of these versions
  • ·Exploitation is network-based over HTTP with no privileges or user interaction required (CVSS:3.1/AV:N/AC:L/PR:N/UI:N), meaning the attack surface is fully exposed on any internet- or network-facing BI Publisher deployment
  • ·Impact is limited to unauthorized read access (Confidentiality only); no integrity or availability impact reported

CVSS provenance

nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.5MEDIUM
vendor_oracle5.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.