CNNVD-202601-3138 Information
CNNVD ID
CNNVD-202601-3138
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
Oracle Hyperion是美国甲骨文(Oracle)公司的一套财务建模应用软件。该软件提供财务结算、报表制作等功能。 Oracle Hyperion的Oracle Planning and Budgeting Cloud Service 25.04.07版本存在安全漏洞,该漏洞源于高权限攻击者可通过登录基础设施进行攻击,可能导致对关键数据或所有可访问数据进行未经授权的创建、删除或修改。
Description (English)
Oracle Hyperion is a financial modelling application for Oracle. The software provides functionality such as financial closure, report production, etc. The Oracle Planning and Building Cloud Service 25.04.07 version of Oracle Hyperion has a security loophole, which stems from the fact that high-authority attackers can attack through log-in infrastructure and may lead to unauthorized creation, deletion or modification of key data or all accessible data.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
甲骨文
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpujan2026.html https://access.redhat.com/security/cve/cve-2026-21922
Patch
https://www.oracle.com/security-alerts/cpujan2026.html
Share on: