Rewterz Threat Advisory – Multiple Oracle MySQL Vulnerabilities
October 21, 2021Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
October 21, 2021Rewterz Threat Advisory – Multiple Oracle MySQL Vulnerabilities
October 21, 2021Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
October 21, 2021Severity
Medium
Analysis Summary
CVE-2021-35655
An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.
CVE-2021-35654
An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an unauthenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVE-2021-35653
An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an authenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.
CVE-2021-35652
An unspecified vulnerability in Essbase Administration Services related to the EAS Console component could allow an unauthenticated attacker to take control of the system.
CVE-2021-35651
An unspecified vulnerability in Oracle Essbase Administration Services related to the EAS Console component could allow an authenticated attacker to cause high confidentiality impact, low integrity impact, and no availability impact.
Impact
- Information Disclosure
- Denial of Service
- Unauthorized Access
Affected Vendors
Oracle
Affected Products
- Oracle Essbase Administration Services 11.1.2.4.046
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade, or suggested workaround information.