CVE-2019-2616

Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass. Vendor/Product: Oracle BI Publisher (Formerly XML Publisher). Added to CISA KEV 2022-03-25; required action: Apply updates per vendor instructions.