CVE-2025-53047

CWE-200Information ExposureCWE-6675 documents5 sources
Severity
5.8MEDIUM
EPSS
0.0%
top 89.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Oracle Database ServerOracle Database Server
Timeline
PublishedOct 21

Description

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable Clusterware. While the vulnerability is in Portable Clusterware, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a sub

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDoracle/database_server19.319.28+2
CVEListV5oracle_corporation/oracle_database_server19.319.28+2

🔴Vulnerability Details

2
GHSA
GHSA-mv63-mx7f-3x7p: Vulnerability in the Portable Clusterware component of Oracle Database Server2025-10-21
CVEList
CVE-2025-53047: Vulnerability in the Portable Clusterware component of Oracle Database Server2025-10-21

📋Vendor Advisories

2
Oracle
Oracle Oracle Database Server Risk Matrix: Portable Clusterware — CVE-2025-530472025-10-15
Microsoft
mptcp: init: protect sched with rcu_read_lock2024-11-12
CVE-2025-53047 (MEDIUM CVSS 5.8) | Vulnerability in the Portable Clust | cvebase.io