CVE-2019-2616
Oracle BI Publisher Unauthorized Access Vulnerability
CVSS
—
No CVSS
EPSS
92.2%
p100
KEV
YES
Mar 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
92.2%EPSS · 30 days92.2%
2026-06-302026-07-16
Product
Oracle / BI Publisher (Formerly XML Publisher)
Vulnerability
Oracle BI Publisher Unauthorized Access Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
No
Summary description
Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-2616
No related CVEs by CWE or product.