PT-2023-2667 · Oracle · Oracle BI Publisher

Khanh Nguyen Duy Quoc · Published 2023-04-18 · Updated 2023-04-19 · CVE-2023-21970

CVSS v2.0

6.8 Medium

Vector

AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Oracle BI Publisher version 6.4.0.0.0

Description

The issue exists due to insufficient input validation in the Security component of Oracle BI Publisher. This allows a remote attacker to disclose sensitive information using HTTP requests. Successful attacks require human interaction and can result in unauthorized access to critical data or complete access to all accessible data.

Recommendations

For Oracle BI Publisher version 6.4.0.0.0, update to a version that addresses the insufficient input validation issue in the Security component to prevent unauthorized access to sensitive information.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2023-02507
CVE-2023-21970

Affected Products

Oracle BI Publisher