Oracle Essbase Web Platform Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability has been identified in Oracle Essbase version 21.7.3.0.0, specifically within the Essbase Web Platform component. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, as well as unauthorized access to essential data or complete access to all data accessible within Oracle Essbase.

Impact

Exploitation of this vulnerability could result in unauthorized access to critical data or complete access to all data within Oracle Essbase, along with the ability to create, delete, or modify data.

Added: Oct 21, 2025, 9:08 PM

Updated: Oct 21, 2025, 9:08 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Essbase Web Platform Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle Essbase

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating