PT-2026-34161 · Oracle · Oracle Hyperion Infrastructure Technology+1
Pierre_Adams
·
Published
2026-04-21
·
Updated
2026-04-26
·
CVE-2026-35244
CVSS v3.1
5.2
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Hyperion Infrastructure Technology version 11.2.24.0.000
Description
An issue in the Lifecycle Management component of Oracle Hyperion Infrastructure Technology allows a high-privileged attacker with network access via HTTP to compromise the system. The attack requires human interaction from a person other than the attacker. Successful exploitation can lead to unauthorized read access to a subset of data, as well as unauthorized creation, deletion, or modification of critical data or all accessible data within the infrastructure.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle Hyperion Infrastructure Technology
Hyperion Infrastructure Technology