VDB

CVE-2025-53049

CVE-2025-53049 PUBLISHED CVSS 8.399999618530273 HIGH

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Administration). Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise Edition. CVSS 3.1 Base Score 8.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H).

EPSS 0.08% · 23.7th percentile

Risk Scores

CVSS 3.1
8.399999618530273
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.08%
23.7th percentile

Affected Products

VendorProductVersions
oraclebusiness_intelligence7.6.0.0.0, 8.2.0.0.0
Oracle CorporationOracle Business Intelligence Enterprise Edition7.6.0.0.0, 8.2.0.0.0

Timeline

  • Oct 21, 2025 Coalition ESS Score
  • Oct 21, 2025 CVE Published
  • Oct 22, 2025 EPSS Score
  • Oct 28, 2025 EPSS Score
  • Nov 3, 2025 EPSS Score
  • Nov 9, 2025 EPSS Score
  • Nov 14, 2025 EPSS Score
  • Nov 17, 2025 Coalition ESS Score
  • Nov 20, 2025 EPSS Score
  • Nov 26, 2025 EPSS Score
  • Dec 2, 2025 EPSS Score
  • Dec 4, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›