CVE-2025-30750

CWE-863Incorrect Authorization4 documents4 sources
Severity
2.4LOW
EPSS
0.0%
top 85.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Oracle Database ServerOracle Database Server
Timeline
PublishedJul 15

Description

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages2 packages

NVDoracle/database_server19.319.27+2
CVEListV5oracle_corporation/oracle_database_server19.319.27+2

Patches

Patch: www.oracle.com

🔴Vulnerability Details

2
CVEList
CVE-2025-30750: Vulnerability in the Unified Audit component of Oracle Database Server2025-07-15
GHSA
GHSA-5x29-9rqx-55m2: Vulnerability in the Unified Audit component of Oracle Database Server2025-07-15

📋Vendor Advisories

1
Oracle
Oracle Oracle Database Server Risk Matrix: Unified Audit — CVE-2025-307502025-07-15
CVE-2025-30750 (LOW CVSS 2.4) | Vulnerability in the Unified Audit | cvebase.io