CVE-2025-30751
BaseFortify
Publication date: 2025-07-15
Last updated on: 2025-07-29
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | database_server | From 19.3 (inc) to 19.27 (inc) |
| oracle | database_server | From 23.4 (inc) to 23.8 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle Database component of Oracle Database Server versions 19.3-19.27 and 23.4-23.8. It allows a low privileged attacker who has Create Session and Create Procedure privileges and network access via Oracle Net to exploit the vulnerability easily. Successful exploitation can lead to a complete takeover of the Oracle Database.
How can this vulnerability impact me? :
The impact of this vulnerability is severe, as it can result in the attacker gaining full control over the Oracle Database. This compromises confidentiality, integrity, and availability of the database, potentially leading to data breaches, unauthorized data modification, and denial of service.