Vulnerability in Oracle Smart View for Office by Oracle
CVE-2025-30737

5.7MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Smart View For Office
Vendor: CVE Published:; 15 April 2025

What is CVE-2025-30737?

A vulnerability exists in Oracle Smart View for Office, specifically impacting the 24.200 version of Oracle Hyperion's Core Smart View component. This flaw permits an attacker with high privileges and network access via HTTP to compromise the application. Exploitation of this vulnerability requires human interaction from a user other than the attacker, leading to severe risks. Successful attacks may enable unauthorized creation, deletion, or modification of critical data, granting attackers access to all data accessible through Oracle Smart View for Office. The potential consequences underscore the need for immediate attention to bolster security measures.

Affected Version(s)

Oracle Smart View for Office 24.200

References

https://www.oracle.com/security-alerts/cpuapr2025.html

vendor-advisory

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Mar 25, 2025