Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-30733

Опубликовано: 15 апр. 2025
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise RDBMS Listener. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all RDBMS Listener accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:rdbms_listener:*:*:*:*:*:*:*:*
Версия от 19.3 (включая) до 19.26 (включая)
cpe:2.3:a:oracle:rdbms_listener:*:*:*:*:*:*:*:*
Версия от 21.3 (включая) до 21.17 (включая)
cpe:2.3:a:oracle:rdbms_listener:*:*:*:*:*:*:*:*
Версия от 23.4 (включая) до 23.7 (включая)

EPSS

Процентиль: 25%
0.00089
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-287

Связанные уязвимости

github логотип

GHSA-gcm6-cm5p-jg47

CVSS3: 6.5
github
10 месяцев назад

Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise RDBMS Listener. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all RDBMS Listener accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).

EPSS

Процентиль: 25%
0.00089
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-287