VDB
CVE-2025-50074
CVE-2025-50074
PUBLISHED
CVSS 4.900000095367432 MEDIUM
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Security Management System). Supported versions that are affected are 2.9.0.0.0-7.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Revenue Management and Billing accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
EPSS 0.05% · 15.6th percentile
Risk Scores
CVSS 3.1
4.900000095367432
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.05%
15.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| oracle | financial_services_revenue_management_and_billing | 2.9.0.0.0, 2.9.0.0.0 |
| Oracle Corporation | Oracle Financial Services Revenue Management and Billing | 2.9.0.0.0 |
Exploit Intelligence
- Oracle Advisory (circl)
Timeline
- Oct 21, 2025 Coalition ESS Score
- Oct 21, 2025 CVE Published
- Oct 22, 2025 EPSS Score
- Oct 22, 2025 CVE Updated
- Oct 28, 2025 EPSS Score
- Nov 3, 2025 EPSS Score
- Nov 9, 2025 EPSS Score
- Nov 10, 2025 Coalition ESS Score
- Nov 14, 2025 EPSS Score
- Nov 20, 2025 EPSS Score
- Nov 26, 2025 EPSS Score
- Nov 27, 2025 Coalition ESS Score
References
- Oracle Advisory vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-50074 advisory