Vulnerability Details : CVE-2014-4206
Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows local users to affect integrity and availability via unknown vectors related to Data Synchronizer.
Products affected by CVE-2014-4206
- cpe:2.3:a:oracle:hyperion:11.1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:hyperion:11.1.2.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4206
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 40 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-4206
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:L/AC:M/Au:N/C:N/I:P/A:P |
3.4
|
4.9
|
NIST |
References for CVE-2014-4206
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94568
Oracle Hyperion Enterprise Performance Management Architect Data Synchronizer unspecified CVE-2014-4206 Vulnerability Report
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://www.securityfocus.com/bid/68582
Oracle Hyperion Enterprise Performance Management Architect Local Security Vulnerability
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
-
http://www.securitytracker.com/id/1030579
Oracle Hyperion Bugs Let Remote and Local Users Partially Access and Modify Data and Partially Deny Service - SecurityTracker
Jump to