PT-2025-29603 · Oracle · Oracle Database Server+1

Published

2025-07-15

Updated

2025-07-16

CVE-2025-30751

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Database versions 19.3 through 19.27 Oracle Database versions 23.4 through 23.8

Description This issue affects the Oracle Database component of Oracle Database Server. A low-privileged attacker with Create Session and Create Procedure privileges, having network access via Oracle Net, can compromise the Oracle Database. Successful exploitation can lead to a takeover of the Oracle Database.

Recommendations Update Oracle Database versions prior to 19.3 or after 19.27. Update Oracle Database versions prior to 23.4 or after 23.8.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

BDU:2025-08640

CVE-2025-30751

Affected Products

Oracle Database

Oracle Database Server

PT-2025-29603 · Oracle · Oracle Database Server+1

CVE-2025-30751

Weakness Enumeration

Related Identifiers

Affected Products

References · 6