Oracle Database Server Vulnerability in Unified Audit Component
CVE-2025-30750

2.4LOW

Key Information:

Vendor: Oracle
Status: Oracle Database Server
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-30750?

A vulnerability exists in the Unified Audit component of Oracle Database Server, which could allow an attacker with elevated privileges, specifically the Create User privilege, to exploit the system through network access. This flaw can lead to unauthorized modifications to audit-related data. Successful exploitation requires human interaction from a third party, enhancing the complexity of the attack. It poses a risk to the integrity of data accessible through Unified Audit, emphasizing the need for prompt mitigation strategies.

Affected Version(s)

Oracle Database Server 19.3 <= 19.27

Oracle Database Server 21.3 <= 21.18

Oracle Database Server 23.4 <= 23.8

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Mar 26, 2025