CVE-2025-50074 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-50074 PUBLISHED CVSS 4.900000095367432 MEDIUM

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Security Management System). Supported versions that are affected are 2.9.0.0.0-7.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Revenue Management and Billing accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

EPSS 0.04% · 11.4th percentile

Risk Scores

CVSS v3.1

4.900000095367432

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.04%

11.4th percentile

Affected Products

Vendor	Product	Versions
oracle	financial_services_revenue_management_and_billing	2.9.0.0.0, 2.9.0.0.0
Oracle Corporation	Oracle Financial Services Revenue Management and Billing	2.9.0.0.0

Timeline

Oct 21, 2025 Coalition ESS Score
Oct 21, 2025 CVE Published
Oct 22, 2025 EPSS Score
Oct 22, 2025 CVE Updated
Oct 27, 2025 EPSS Score
Nov 2, 2025 EPSS Score
Nov 7, 2025 EPSS Score
Nov 10, 2025 Coalition ESS Score
Nov 12, 2025 EPSS Score
Nov 18, 2025 EPSS Score
Nov 23, 2025 EPSS Score
Nov 27, 2025 Coalition ESS Score

References

Oracle Advisory vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-50074 advisory

Open in Interactive Console →