Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple Oracle MySQL Vulnerabilities
October 21, 2021
Rewterz
Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
October 21, 2021

Rewterz Threat Advisory – Multiple Oracle Essbase Administration Server Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-35655 

An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.

CVE-2021-35654 

An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an unauthenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.

CVE-2021-35653 

An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an authenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.

CVE-2021-35652 

An unspecified vulnerability in Essbase Administration Services related to the EAS Console component could allow an unauthenticated attacker to take control of the system.

CVE-2021-35651 

An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an authenticated attacker to cause high confidentiality impact, low integrity impact, and no availability impact.

Impact

  • Information Disclosure
  • Denial of Service
  • Unauthorized Access

Affected Vendors

Oracle

Affected Products

  • Oracle Essbase Administration Services 11.1.2.4.046

Remediation

Refer to Oracle Critical Patch Update Advisory for patch, upgrade, or suggested workaround information.

https://www.oracle.com/security-alerts/cpuoct2021.html