Vulnerability Details : CVE-2014-4246
Unspecified vulnerability in the Hyperion Analytic Provider Services component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via vectors related to SVP.
Exploit prediction scoring system (EPSS) score for CVE-2014-4246
Probability of exploitation activity in the next 30 days: 0.31%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-4246
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.5
|
LOW | AV:N/AC:M/Au:S/C:P/I:N/A:N |
6.8
|
2.9
|
NIST |
References for CVE-2014-4246
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://www.securityfocus.com/bid/68586
Oracle Hyperion Analytic Provider Services CVE-2014-4246 Remote Security Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94567
Oracle Hyperion Analytic Provider Services SVP information disclosure CVE-2014-4246 Vulnerability Report
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
-
http://www.securitytracker.com/id/1030579
Oracle Hyperion Bugs Let Remote and Local Users Partially Access and Modify Data and Partially Deny Service - SecurityTracker
Products affected by CVE-2014-4246
- cpe:2.3:a:oracle:hyperion:11.1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:hyperion:11.1.2.2:*:*:*:*:*:*:*