Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-14864

Oracle | Intelligence Enterprise EditionAdded 2022-01-18Remediation Deadline 2022-07-18

Oracle Business Intelligence Enterprise Edition Path Transversal

Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-22

References