OSA-38040768
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Security Framework (jackson-databind)). Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Enterprise Manager Base Platform executes to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. CVSS 3.1 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Risk Scores
Timeline
- Oct 20, 2025 CVE Published