CVE-2025-62288
BaseFortify
Publication date: 2025-10-21
Last updated on: 2025-10-24
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | health_sciences_data_management_workbench | 3.4.0.1.3 |
| oracle | health_sciences_data_management_workbench | 3.4.1.0.10 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-267 | A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle Health Sciences Data Management Workbench product, specifically in the Logger component. It affects versions 3.4.0.1.3 and 3.4.1.0.10. The flaw allows a highly privileged attacker with network access via HTTP to exploit the system easily, potentially compromising the Workbench. Successful exploitation can lead to unauthorized access to critical or all accessible data within the product.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker with high privileges and network access to gain unauthorized access to critical data or even all data accessible through the Oracle Health Sciences Data Management Workbench. This could lead to data breaches or exposure of sensitive information.