Oracle Database Server Vulnerability in RDBMS Functional Index Component
CVE-2025-53051

2.7LOW

Key Information:

Vendor: Oracle
Status: Oracle Database Server
Vendor: CVE Published:; 21 October 2025

What is CVE-2025-53051?

An exploitable flaw exists in the RDBMS Functional Index component of Oracle Database Server versions 23.4 to 23.9. This vulnerability allows an attacker with SYSDBA privilege and network access through Oracle Net to potentially compromise the RDBMS Functional Index. Successful exploitation can permit unauthorized read access to certain sensitive data within the RDBMS Functional Index, creating significant security risks. Administrators are strongly advised to review and update their systems in accordance with Oracle's security advisories.

Affected Version(s)

Oracle Database Server 23.4 <= 23.9

References

https://www.oracle.com/security-alerts/cpuoct2025.html

vendor-advisory

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2025
Vulnerability Reserved
Jun 24, 2025

JSON