CVE-2025-50070

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 23.4 through 23.8

Description A vulnerability exists within the JDBC component of Oracle Database Server. This difficult-to-exploit issue allows a low-privileged attacker with authenticated OS user privileges to compromise JDBC. Successful exploitation requires human interaction from a person other than the attacker. While the vulnerability resides in JDBC, attacks may impact additional products. Successful attacks can lead to unauthorized access to critical data or complete access to all JDBC accessible data.

Recommendations Versions prior to 23.4 and after 23.8 are not affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.