How severe is CVE-2024-21257?

This vulnerability has a severity rating of LOW with a CVSS score of 3 out of 10.

What type of vulnerability is CVE-2024-21257?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2024-21257 - LOW Severity | CVSS 3

Vulnerability Description

Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). The supported version that is affected is 11.2.18.0.000. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Hyperion BI+ executes to compromise Oracle Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hyperion BI+ accessible data. CVSS 3.1 Base Score 3.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N).

Related Vulnerabilities

CVE-2016-3490

LOW

CVSS:3.0(Low)

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, and 6.4.1 allows remote...

NVD-CWE-Other2016

CVE-2020-14818

LOW

CVSS:3.0(Low)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with...

NVD-CWE-Other2020

CVE-2022-22460

LOW

CVSS:3.0(Low)

IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013.

NVD-CWE-Other2022

CVE-2024-20910

LOW

CVSS:3.0(Low)

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker ...

NVD-CWE-Other2024

CVE-2025-31363

LOW

CVSS:3.0(Low)

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact upstream which allows an authenticated user to exfiltrate data from an ...

NVD-CWE-Other2025

CVE-2016-3426

LOW

CVSS:3.1(Low)

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

NVD-CWE-Other2016