CVE-2025-21569
CVE-2025-21569
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.6EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
21 Jan 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Web Services). The supported version that is affected is 11.2.19.0.000. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion Data Relationship Management. Successful attacks of this vulnerability can result in takeover of Oracle Hyperion Data Relationship Management. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Oracle Corporation · Oracle Hyperion Data Relationship ManagementWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →