CVE-2025-53031
BaseFortify
Publication date: 2025-07-15
Last updated on: 2025-07-24
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | financial_services_analytical_applications_infrastructure | 8.0.7.8 |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.8.5 |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.8.6 |
| oracle | financial_services_analytical_applications_infrastructure | 8.1.1.4 |
| oracle | financial_services_analytical_applications_infrastructure | 8.1.2.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The impact of this vulnerability is unauthorized disclosure of some data within the Oracle Financial Services Analytical Applications Infrastructure. An attacker could read sensitive information without authentication, potentially leading to data exposure.
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle Financial Services Analytical Applications Infrastructure product. It allows an unauthenticated attacker with network access via HTTP to exploit the system easily and gain unauthorized read access to some of the data accessible within the application infrastructure.