PT-2025-29621 · Oracle · Oracle Database 21.18+8
Emad Al-Mousa
·
Published
2025-07-15
·
Updated
2025-07-24
·
CVE-2025-50066
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Database versions 19.3 through 19.27
Oracle Database versions 21.3 through 21.18
Oracle Database versions 23.4 through 23.8
Description
This issue affects the Oracle Database Materialized View component. A highly privileged attacker with Execute on DBMS REDEFINITION privilege and network access via Oracle Net can compromise Oracle Database Materialized View. Successful exploitation may lead to unauthorized modification, insertion, or deletion of data within accessible Materialized Views.
Recommendations
Oracle Database versions 19.3 through 19.27: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Oracle Database versions 21.3 through 21.18: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Oracle Database versions 23.4 through 23.8: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dbms Redefinition
Oracle Database
Oracle Database 19.27
Oracle Database 19.3
Oracle Database 21.18
Oracle Database 21.3
Oracle Database 23.4
Oracle Database 23.8
Oracle Net