CVE-2018-2594

Name of the Vulnerable Software and Affected Versions Oracle Hyperion versions 11.1.2.4

Description The issue affects the Hyperion BI+ component, specifically the Foundation UI & Servlets subcomponent. It allows a high-privileged attacker with network access via HTTP to compromise Hyperion BI+, requiring human interaction from someone other than the attacker. This can result in unauthorized access to some Hyperion BI+ data, including update, insert, delete, and read access, as well as the ability to cause a partial denial of service.

Recommendations For version 11.1.2.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.