CVE-2020-14864
Oracle Business Intelligence Enterprise Edition Path Transversal
CVSS
—
No CVSS
EPSS
97.2%
p100
KEV
YES
Jan 18, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
97.2%EPSS · 30 days97.2%
2026-06-302026-07-16
Product
Oracle / Intelligence Enterprise Edition
Vulnerability
Oracle Business Intelligence Enterprise Edition Path Transversal
Added to KEV
Jan 18, 2022
Remediate by
Jul 18, 2022
Known ransomware use
No
Summary description
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-14864
No related CVEs by CWE or product.