PT-2026-3723 · Oracle · Oracle Analytics Cloud+1
Published
2026-01-20
·
Updated
2026-01-20
·
CVE-2026-21976
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Business Intelligence Enterprise Edition versions 7.6.0.0.0 through 8.2.0.0.0
Description
An easily exploitable issue exists in Oracle Business Intelligence Enterprise Edition, specifically within the Oracle Analytics Cloud component. A low-privileged attacker with access to the system where Oracle Business Intelligence Enterprise Edition is running can compromise the application. Successful exploitation may lead to unauthorized data manipulation, including creation, deletion, or modification of critical data, as well as complete access to all data accessible through Oracle Business Intelligence Enterprise Edition.
Recommendations
Update Oracle Business Intelligence Enterprise Edition version 7.6.0.0.0 to a later version.
Update Oracle Business Intelligence Enterprise Edition version 8.2.0.0.0 to a later version.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle Analytics Cloud
Oracle Business Intelligence Enterprise Edition