PT-2023-1190 · Oracle · Oracle BI Publisher

4Ra1N · Published 2023-01-17 · Updated 2024-09-17 · CVE-2023-21846

CVSS v2.0: 9.0 High

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Oracle BI Publisher versions 5.9.0.0.0, 6.4.0.0.0, and 12.2.1.4.0

Description

The issue is related to insufficient input validation in the Security component of Oracle BI Publisher, part of Oracle Fusion Middleware. This easily exploitable vulnerability allows a low-privileged attacker with network access via multiple protocols to compromise Oracle BI Publisher, potentially resulting in a takeover of the system.

Recommendations

For versions 5.9.0.0.0, 6.4.0.0.0, and 12.2.1.4.0, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

RCE

Weakness Enumeration

Related Identifiers

BDU:2023-00413
CVE-2023-21846

Affected Products

Oracle BI Publisher