CVE-2018-3184

Name of the Vulnerable Software and Affected Versions Oracle Hyperion versions 11.1.2.4

Description The issue affects the Hyperion BI+ component, specifically the IQR - Foundation Services subcomponent. It allows a high-privileged attacker with network access via HTTP to compromise Hyperion BI+, resulting in unauthorized read access to a subset of Hyperion BI+ accessible data. The attack requires human interaction from a person other than the attacker.

Recommendations For Oracle Hyperion version 11.1.2.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.