Oracle Endeca Information Discovery Studio CVE-2015-2603 Authentication Bypass Vulnerability

Oracle Endeca Information Discovery Studio is prone to an authentication-bypass vulnerability.

The vulnerability can be exploited over the 'HTTP' protocol. The 'Integrator' sub component is affected.

An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks.

Note: This issue was previously titled 'Oracle Endeca Information Discovery Studio CVE-2015-2603 Remote Security Vulnerability'. The title has been changed to better reflect the underlying component affected.

This vulnerability affects the following supported versions:
2.2.2, 2.3, 2.4, 3.0, 3.1


 

Privacy Statement
Copyright 2010, SecurityFocus