PT-2025-42932 · Oracle · Oracle Financial Services Revenue Management/Billing

Published

2025-10-21

Updated

2025-10-21

CVE-2025-50075

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Financial Services Revenue Management and Billing versions 2.9.0.0.0 through 7.2.0.0.0

Description A security issue exists in the Oracle Financial Services Revenue Management and Billing product, specifically within the Security Management System component. A low-privileged attacker with network access via HTTP can exploit this issue. Successful exploitation may lead to unauthorized access to critical data or complete access to all accessible data within Oracle Financial Services Revenue Management and Billing.

Recommendations Update to a version later than 7.2.0.0.0.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2025-13379

CVE-2025-50075

Affected Products

Oracle Financial Services Revenue Management/Billing

PT-2025-42932 · Oracle · Oracle Financial Services Revenue Management/Billing

CVE-2025-50075

Weakness Enumeration

Related Identifiers

Affected Products

References · 5