VDB
CVE-2025-30723
CVE-2025-30723
PUBLISHED
CVSS 5.400000095367432 MEDIUM
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle BI Publisher accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle BI Publisher. CVSS 3.1 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).
EPSS 0.14% · 34.2th percentile
Risk Scores
CVSS 3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
EPSS Score
0.14%
34.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| oracle | bi_publisher | 7.6.0.0.0, 12.2.1.4.0 |
| Oracle Corporation | Oracle BI Publisher | 12.2.1.4.0, 7.6.0.0.0 |
Exploit Intelligence
- Oracle Advisory (circl)
Timeline
- CVE Published
- Apr 16, 2025 EPSS Score
- Apr 28, 2025 EPSS Score
- May 11, 2025 EPSS Score
- May 12, 2025 Coalition ESS Score
- May 23, 2025 EPSS Score
- Jun 5, 2025 EPSS Score
- Jun 16, 2025 Coalition ESS Score
- Jun 17, 2025 EPSS Score
- Jun 29, 2025 EPSS Score
- Jul 12, 2025 EPSS Score
- Jul 24, 2025 EPSS Score
References
- Oracle Advisory vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-30723 advisory