Rewterz Threat Alert – Multiple GitHub Enterprise Server Vulnerabilities
January 18, 2024Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
January 18, 2024Rewterz Threat Alert – Multiple GitHub Enterprise Server Vulnerabilities
January 18, 2024Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
January 18, 2024Severity
Medium
Analysis Summary
CVE-2024-20979 CVSS:5.4
An unspecified vulnerability in Oracle BI Publisher related to the Web Server component could allow a remote authenticated attacker to cause low confidentiality and low integrity impact.
CVE-2024-20987 CVSS:5.4
An unspecified vulnerability in Oracle BI Publisher related to the Web Server component could allow a remote authenticated attacker to cause low confidentiality and low integrity impact.
CVE-2024-20955 CVSS:3.7
An unspecified vulnerability in Oracle GraalVM for JDK and GraalVM Enterprise Edition related to the Compiler component could allow a remote attacker to cause low confidentiality impact.
CVE-2023-21901 CVSS:7.4
An unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure related to the Infrastructure component could allow a remote authenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact.
CVE-2024-20920 CVSS:3.8
An unspecified vulnerability in Oracle Solaris related to the Filesystem component could allow a local authenticated attacker to cause low confidentiality impact.
Impact
- Denial of Service
- Information Theft
Indicators Of Compromise
CVE
- CVE-2024-20979
- CVE-2024-20987
- CVE-2024-20955
- CVE-2023-21901
- CVE-2024-20920
Affected Vendors
Oracle
Affected Products
- Oracle Solaris 11
- Oracle BI Publisher 12.2.1.4.0
- Oracle GraalVM Enterprise Edition 22.3.2
- Oracle BI Publisher 6.4.0.0.0
- Oracle GraalVM Enterprise Edition 21.3.8
- Oracle GraalVM for JDK 17.0.9
- Oracle Financial Services Analytical Applications Infrastructure 8.0.7
- Oracle Financial Services Analytical Applications Infrastructure 8.0.8
- Oracle Financial Services Analytical Applications Infrastructure 8.0.9
- Oracle Financial Services Analytical Applications Infrastructure 8.1.0
- Oracle Financial Services Analytical Applications Infrastructure 8.1.1
- Oracle Financial Services Analytical Applications Infrastructure 8.1.2
Remediation
Refer to Oracle Security Advisory for patch, upgrade or suggested workaround information.