Oracle BI Publisher Unauthenticated Data Access Vulnerability

Vulnerability

A vulnerability exists in Oracle BI Publisher, part of Oracle Analytics, specifically in the XML Services component. It affects versions 7.6.0.0.0 and 12.2.1.4.0. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Exploitation of this vulnerability could lead to unauthorized access to critical data or complete access to all data accessible through Oracle BI Publisher.

Impact

Successful exploitation allows unauthorized access to critical data or complete access to all data in Oracle BI Publisher that is accessible to the user.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle BI Publisher Unauthenticated Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle BI Publisher

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating