CVE-2025-21570

CWE-863Incorrect Authorization4 documents4 sources
Severity
6.1MEDIUM
EPSS
0.3%
top 50.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Oracle Life Sciences Argus SafetyOracle Argus Safety
Timeline
PublishedJan 21

Description

Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login). The supported version that is affected is 8.2.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life Sciences Argus Safety. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Life Sciences Argus Safety, attacks may significantly impact a

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-h52p-q8h5-pvqj: Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login)2025-01-21
CVEList
CVE-2025-21570: Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login)2025-01-21

📋Vendor Advisories

1
Oracle
Oracle Oracle Health Sciences Applications Risk Matrix: Login — CVE-2025-215702025-01-15
CVE-2025-21570 (MEDIUM CVSS 6.1) | Vulnerability in the Oracle Life Sc | cvebase.io