← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-14864 — Actively Exploited: Intelligence Enterprise Edition (Oracle)

Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.

CVE IDCVE-2020-14864
VendorOracle
ProductIntelligence Enterprise Edition
Vulnerability nameOracle Business Intelligence Enterprise Edition Path Transversal
Date added2022-01-18
Remediation due2022-07-18
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionPath traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →