CVE-2025-50060 – Oracle BI Publisher Unauthenticated HTTP Web Server Remote Code Execution and Data Access Vulnerability

July 16, 2025

CVE ID : CVE-2025-50060

Published : July 15, 2025, 8:15 p.m. | 6 hours, 44 minutes ago

Description : Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle BI Publisher accessible data as well as unauthorized access to critical data or complete access to all Oracle BI Publisher accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50062 – Oracle PeopleSoft Global Payroll Core HTTP Low Privilege Remote Unauthorized Access and Data Modification Vulnerability

Next Article CVE-2025-50059 – Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition Network Authentication Bypass

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-50060 – Oracle BI Publisher Unauthenticated HTTP Web Server Remote Code Execution and Data Access Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-6129 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow

CVE-2025-5436 – Multilaser Sirius RE016 Information Disclosure Remote Vulnerability

For OpenAI to win, Google must lose Chrome — making ChatGPT “a better product with a really incredible experience”

All known AMD Ryzen Z2 Series gaming handheld chips and how they are rumored to compare

I’ve enjoyed FBC: Firebreak in preview, and I’m looking forward to more sticky notes, leeches, and showers this summer

We are truly in the Hackathon Era – Namanh Kapur interview [Podcast #180]

How to watch Microsoft’s special 50th anniversary Copilot event

Google’s Jules AI coding agent built a new feature I could actually ship – while I made coffee

CVE-2025-50060 – Oracle BI Publisher Unauthenticated HTTP Web Server Remote Code Execution and Data Access Vulnerability

Related Posts