Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-21568

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). The supported version that is affected is 11.2.19.0.000. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion Data Relationship Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Data Relationship Management accessible data. CVSS 3.1 Base Score 4.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N).

Published

2025-01-21T21:15:23.843

Last Modified

2025-06-23T18:01:43.933

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	oracle	hyperion_data_relationship_management	11.2.19.0.000	Yes

References

https://www.oracle.com/security-alerts/cpujan2025.html Vendor Advisory ([email protected])