Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53035

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Published

2025-10-21T20:20:40.650

Last Modified

2025-10-23T16:08:56.020

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	oracle	financial_services_analytical_applications_infrastructure	8.0.7.9.0	Yes
Application	oracle	financial_services_analytical_applications_infrastructure	8.0.8.7.0	Yes
Application	oracle	financial_services_analytical_applications_infrastructure	8.1.2.5.0	Yes

References

https://www.oracle.com/security-alerts/cpuoct2025.html Vendor Advisory ([email protected])