Vulnerability-Lookup

CVE-2025-53031 (GCVE-0-2025-53031)

Vulnerability from cvelistv5 – Published: 2025-07-15 19:27 – Updated: 2025-07-15 20:25

Summary

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data.
CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere

Assigner

oracle

References

1 reference

URL	Tags
https://www.oracle.com/security-alerts/cpujul2025.html	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	Oracle Financial Services Analytical Applications Infrastructure	Affected: 8.0.7.8 (semver) Affected: 8.0.8.5 (semver) Affected: 8.0.8.6 (semver) Affected: 8.1.1.4 (semver) Affected: 8.1.2.5 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53031",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-15T20:24:44.199916Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-497",
                "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T20:25:41.193Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Oracle Financial Services Analytical Applications Infrastructure",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.7.8",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "8.0.8.5",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "8.0.8.6",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "8.1.1.4",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "8.1.2.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.5:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform).  Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and  8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T19:27:55.986Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2025.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2025-53031",
    "datePublished": "2025-07-15T19:27:55.986Z",
    "dateReserved": "2025-06-24T16:45:19.419Z",
    "dateUpdated": "2025-07-15T20:25:41.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-53031",
      "date": "2026-06-17",
      "epss": "0.00262",
      "percentile": "0.17305"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-53031\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2025-07-15T20:15:49.317\",\"lastModified\":\"2025-07-24T20:34:58.503\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform).  Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and  8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el producto Oracle Financial Services Analytical Applications Infrastructure de Oracle Financial Services Applications (componente: Plataforma). Las versiones compatibles afectadas son 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 y 8.1.2.5. Esta vulnerabilidad, f\u00e1cilmente explotable, permite a un atacante no autenticado con acceso a la red a trav\u00e9s de HTTP comprometer Oracle Financial Services Analytical Applications Infrastructure. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles de Oracle Financial Services Analytical Applications Infrastructure. Puntuaci\u00f3n base de CVSS 3.1: 5.3 (Afecta a la confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-497\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4628D619-56EE-49FB-842F-CC561898EBE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D85C8E58-900A-4FA1-A527-ACD493388E1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BB4677-4CE7-46FD-975E-B6837ECDF1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"714809AA-AE84-43CB-AD4F-4BFA6CC25CD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D89566EB-244E-4302-BEEE-C3380AEF576D\"}]}]}],\"references\":[{\"url\":\"https://www.oracle.com/security-alerts/cpujul2025.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-53031\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-15T20:24:44.199916Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-497\", \"description\": \"CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-15T20:25:33.181Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Oracle Financial Services Analytical Applications Infrastructure\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.7.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.0.8.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.0.8.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.1.1.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.1.2.5\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujul2025.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform).  Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and  8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"description\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data.\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.5:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2025-07-15T19:27:55.986Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-53031\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-15T20:25:41.193Z\", \"dateReserved\": \"2025-06-24T16:45:19.419Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2025-07-15T19:27:55.986Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2025-09974

Vulnerability from fstec - Published: 15.07.2025

Title

Уязвимость платформы для аналитики и управления данными Oracle Financial Services Analytical Applications Infrastructure, связанная с раскрытием системных данных неавторизованной для контролируемой области, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Description

Уязвимость платформы для аналитики и управления данными Oracle Financial Services Analytical Applications Infrastructure связана с раскрытием системных данных неавторизованной для контролируемой области. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vendor

Oracle Corp.

Software Name

Oracle Financial Services Analytical Applications Infrastructure

Software Version

8.0.7.8 (Oracle Financial Services Analytical Applications Infrastructure), 8.0.8.5 (Oracle Financial Services Analytical Applications Infrastructure), 8.0.8.6 (Oracle Financial Services Analytical Applications Infrastructure), 8.1.1.4 (Oracle Financial Services Analytical Applications Infrastructure), 8.1.2.5 (Oracle Financial Services Analytical Applications Infrastructure)

Possible Mitigations

Использование рекомендаций: https://www.oracle.com/security-alerts/cpujul2025.html

Reference

https://www.oracle.com/security-alerts/cpujul2025.html

CWE

CWE-497

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8.0.7.8 (Oracle Financial Services Analytical Applications Infrastructure), 8.0.8.5 (Oracle Financial Services Analytical Applications Infrastructure), 8.0.8.6 (Oracle Financial Services Analytical Applications Infrastructure), 8.1.1.4 (Oracle Financial Services Analytical Applications Infrastructure), 8.1.2.5 (Oracle Financial Services Analytical Applications Infrastructure)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.oracle.com/security-alerts/cpujul2025.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.07.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "18.08.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "18.08.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-09974",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-53031",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Oracle Financial Services Analytical Applications Infrastructure",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u043c\u0438 Oracle Financial Services Analytical Applications Infrastructure, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 (CWE-497)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u043c\u0438 Oracle Financial Services Analytical Applications Infrastructure \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.oracle.com/security-alerts/cpujul2025.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-497",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)"
}

FKIE_CVE-2025-53031

Vulnerability from fkie_nvd - Published: 2025-07-15 20:15 - Updated: 2025-07-24 20:34

Severity

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

References

	URL	Tags
	secalert_us@oracle.com	https://www.oracle.com/security-alerts/cpujul2025.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
oracle	financial_services_analytical_applications_infrastructure	8.0.7.8
oracle	financial_services_analytical_applications_infrastructure	8.0.8.5
oracle	financial_services_analytical_applications_infrastructure	8.0.8.6
oracle	financial_services_analytical_applications_infrastructure	8.1.1.4
oracle	financial_services_analytical_applications_infrastructure	8.1.2.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4628D619-56EE-49FB-842F-CC561898EBE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D85C8E58-900A-4FA1-A527-ACD493388E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "66BB4677-4CE7-46FD-975E-B6837ECDF1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "714809AA-AE84-43CB-AD4F-4BFA6CC25CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89566EB-244E-4302-BEEE-C3380AEF576D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform).  Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and  8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en el producto Oracle Financial Services Analytical Applications Infrastructure de Oracle Financial Services Applications (componente: Plataforma). Las versiones compatibles afectadas son 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 y 8.1.2.5. Esta vulnerabilidad, f\u00e1cilmente explotable, permite a un atacante no autenticado con acceso a la red a trav\u00e9s de HTTP comprometer Oracle Financial Services Analytical Applications Infrastructure. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles de Oracle Financial Services Analytical Applications Infrastructure. Puntuaci\u00f3n base de CVSS 3.1: 5.3 (Afecta a la confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
    }
  ],
  "id": "CVE-2025-53031",
  "lastModified": "2025-07-24T20:34:58.503",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "secalert_us@oracle.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-15T20:15:49.317",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2025.html"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-497"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-73PC-MCJP-MVX4

Vulnerability from github – Published: 2025-07-15 21:31 – Updated: 2025-07-15 21:31

Details

Severity

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-53031"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-15T20:15:49Z",
    "severity": "MODERATE"
  },
  "details": "Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform).  Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and  8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
  "id": "GHSA-73pc-mcjp-mvx4",
  "modified": "2025-07-15T21:31:44Z",
  "published": "2025-07-15T21:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53031"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2025.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

WID-SEC-W-2025-1555

Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00

Summary

Oracle Financial Services Applications: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2024-38356

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2024-56128

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2024-57699

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2024-7254

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2024-8176

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-23184

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-24970

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-27533

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-27636

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-27817

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-48734

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

CVE-2025-53031

Affected products

Known affected 10 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.0.8.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.5`	8.0.8.5
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Financial Services Applications <=14.7.0.0.0 Oracle / Financial Services Applications		<=14.7.0.0.0

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2025…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Financial Services ist eine Zusammenstellung  von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1555 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1555.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1555 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1555"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Financial Services Applications vom 2025-07-15",
        "url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixIFLX"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-07-15T22:00:00.000+00:00",
      "generator": {
        "date": "2025-07-16T08:26:52.542+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1555",
      "initial_release_date": "2025-07-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.0.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8",
                  "product_id": "T021677",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.1",
                  "product_id": "T022844",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=14.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications \u003c=14.7.0.0.0",
                  "product_id": "T028702"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=14.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications \u003c=14.7.0.0.0",
                  "product_id": "T028702-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.5",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.5",
                  "product_id": "T028706",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7",
                  "product_id": "T036217",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.8",
                  "product_id": "T038392",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7.8",
                  "product_id": "T040464",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.6",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.6",
                  "product_id": "T040465",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.1.4",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1.4",
                  "product_id": "T042809",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.9",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.9",
                  "product_id": "T042811",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.5",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.5",
                  "product_id": "T045382",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Financial Services Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-38356",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-38356"
    },
    {
      "cve": "CVE-2024-56128",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-56128"
    },
    {
      "cve": "CVE-2024-57699",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2024-7254",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-8176",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2025-23184",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-23184"
    },
    {
      "cve": "CVE-2025-24970",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-24970"
    },
    {
      "cve": "CVE-2025-27533",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-27533"
    },
    {
      "cve": "CVE-2025-27636",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-27636"
    },
    {
      "cve": "CVE-2025-27817",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-27817"
    },
    {
      "cve": "CVE-2025-48734",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-48734"
    },
    {
      "cve": "CVE-2025-53031",
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T028706",
          "T036217",
          "T042811",
          "T038392",
          "T045382",
          "T040465",
          "T040464",
          "T042809"
        ],
        "last_affected": [
          "T028702"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-53031"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-53031 (GCVE-0-2025-53031)

BDU:2025-09974

FKIE_CVE-2025-53031

GHSA-73PC-MCJP-MVX4

WID-SEC-W-2025-1555

Tags

Sightings

Nomenclature