{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T20:33:34.093","vulnerabilities":[{"cve":{"id":"CVE-2021-35654","sourceIdentifier":"secalert_us@oracle.com","published":"2021-10-20T11:17:20.023","lastModified":"2024-11-21T06:12:44.997","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Essbase Administration Services. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Essbase Administration Services. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."},{"lang":"es","value":"Vulnerabilidad en el producto Essbase Administration Services de Oracle Essbase (componente: EAS Console). Las versiones soportadas que están afectadas son las anteriores a la 11.1.2.4.046 y la 21.3. La vulnerabilidad, fácilmente explotable, permite a un atacante no autentificado con acceso a la red a través de HTTP comprometer los Servicios de Administración de Essbase. Los ataques exitosos de esta vulnerabilidad pueden dar como resultado la capacidad no autorizada de causar un cuelgue o una caída frecuentemente repetida (DOS completo) de los Servicios de Administración de Essbase. Puntuación de base CVSS 3.1 7,5 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)"}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:essbase_administration_services:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.2.4.046","matchCriteriaId":"5238067B-CF0C-4785-B765-DFE6AD0F817F"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:essbase_administration_services:*:*:*:*:*:*:*:*","versionStartIncluding":"21.0","versionEndExcluding":"21.3","matchCriteriaId":"7707FA40-3592-4BB7-9D6E-4DCF6F84729A"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpuoct2021.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuoct2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}