VDB

CVE-2025-21532

CVE-2025-21532 PUBLISHED CVSS 7.800000190734863 HIGH

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to compromise Oracle Analytics Desktop. Successful attacks of this vulnerability can result in takeover of Oracle Analytics Desktop. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

EPSS 0.17% · 38.5th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.17%
38.5th percentile

Affected Products

VendorProductVersions
oracleanalytics_desktop0
Oracle CorporationOracle Analytics Desktop*

Exploit Intelligence

Timeline

  • Jan 21, 2025 CVE Published
  • Jan 21, 2025 PoC Published
  • Jan 21, 2025 CVE Updated
  • Jan 22, 2025 EPSS Score
  • Feb 6, 2025 EPSS Score
  • Feb 9, 2025 Coalition ESS Score
  • Feb 18, 2025 Coalition ESS Score
  • Feb 22, 2025 EPSS Score
  • Feb 25, 2025 PoC Published
  • Mar 9, 2025 EPSS Score
  • Mar 18, 2025 Coalition ESS Score
  • Mar 24, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›