CVE-2023-22062

4 documents4 sources
Severity
8.5HIGH
EPSS
0.3%
top 49.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Hyperion Financial ReportingOracle Hyperion
Timeline
PublishedJul 18

Description

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:LExploitability: 3.1 | Impact: 4.7

Affected Packages2 packages

NVDoracle/hyperion11.2.13.0.000

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
CVEList
CVE-2023-22062: Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository)2023-07-18
GHSA
GHSA-797f-5wm3-347q: Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository)2023-07-18

📋Vendor Advisories

1
Oracle
Oracle Oracle Hyperion Risk Matrix: Repository — CVE-2023-220622023-07-15