Unauthenticated Network Access Vulnerability in Oracle Financial Services Applications
CVE-2025-53034

5.4MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Financial Services Analytical Applications Infrastructure
Vendor: CVE Published:; 21 October 2025

What is CVE-2025-53034?

A vulnerability exists within the Oracle Financial Services Analytical Applications Infrastructure that could be exploited by an unauthenticated attacker with network access via HTTP. The attacker could gain unauthorized access to sensitive data and perform unauthorized operations without needing direct authentication. This security flaw requires user interaction to exploit but poses a serious risk by allowing attackers to potentially read, update, insert, or delete critical information stored in the application. Affected versions include 8.0.7.9, 8.0.8.7, and 8.1.2.5.

Affected Version(s)

Oracle Financial Services Analytical Applications Infrastructure 8.0.7.9

Oracle Financial Services Analytical Applications Infrastructure 8.0.8.7

Oracle Financial Services Analytical Applications Infrastructure 8.1.2.5

References

https://www.oracle.com/security-alerts/cpuoct2025.html

vendor-advisory

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2025
Vulnerability Reserved
Jun 24, 2025

JSON