Security for everyone

CVE-2019-2767 Scanner

Detects 'XML External Entity (XXE)' vulnerability in Oracle Corporation BI Publisher (formerly XML Publisher) affects v., and


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4



Oracle Corporation's BI Publisher (formerly XML Publisher) is a powerful tool used for creating and managing business intelligence documents, such as reports, invoices, and statements. It is commonly utilized by businesses and organizations around the world to manage and streamline their financial and operational processes. With the ability to integrate with various data sources and output formats, BI Publisher allows users to easily generate and distribute custom reports and documents according to their specific needs.

However, a recently discovered vulnerability, CVE-2019-2767, has been detected in BI Publisher that may compromise the security of sensitive business data. This vulnerability can be easily exploited by an unauthenticated attacker with network access via HTTP, allowing them to gain unauthorized access to BI Publisher's accessible data. The vulnerability affects versions,, and of BI Publisher.

If exploited, the CVE-2019-2767 vulnerability can lead to unauthorized update, insert, or delete access to BI Publisher's accessible data, as well as unauthorized read access to a subset of its data. This means that sensitive financial and operational information may be compromised, leading to severe consequences for businesses and organizations that rely on BI Publisher for their reporting needs. The CVSS 3.0 Base Score for this vulnerability is 7.2, with impacts on confidentiality and integrity.

Thanks to the pro features of the platform, businesses and organizations can easily stay informed of vulnerabilities in their digital assets. The platform provides comprehensive vulnerability scanning and threat intelligence services, allowing users to detect and mitigate security risks before they can cause serious harm. By taking advantage of this powerful tool, businesses and organizations can ensure the safety and security of their critical data.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture