Oracle Business Intelligence Enterprise Edition Platform Security Vulnerability Allowing Unauthorized Data Access

Vulnerability

A vulnerability has been identified in Oracle Business Intelligence Enterprise Edition (OBIEE) within the Oracle Analytics product line, specifically in the Platform Security component. This vulnerability affects versions 7.6.0.0.0, 8.2.0.0.0, and 12.2.1.4.0. The issue allows an unauthenticated attacker with network access via HTTP to compromise OBIEE. Exploitation of this vulnerability requires human interaction from a third party. While the vulnerability resides in OBIEE, successful attacks could significantly impact other products, leading to a scope change. The vulnerability allows unauthorized users to read, update, insert, or delete certain accessible data within OBIEE.

Impact

Exploitation of this vulnerability could result in unauthorized access to read, update, insert, or delete some data within Oracle Business Intelligence Enterprise Edition.

Added: Jul 15, 2025, 11:05 PM

Updated: Jul 15, 2025, 11:05 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

5.0

exploitability

6.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

5.0

exploitability

6.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Business Intelligence Enterprise Edition Platform Security Vulnerability Allowing Unauthorized Data Access

Vulnerability

Impact

Affected Products

Oracle Business Intelligence Enterprise Edition

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating