Oracle REST Data Services General Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability exists in Oracle REST Data Services version 24.2.0, allowing an unauthenticated attacker with network access via HTTP to compromise the application. This vulnerability requires human interaction from a third party and may have a broader impact on additional products. Exploitation of this vulnerability could lead to unauthorized read access to certain data and allow for unauthorized updates, inserts, or deletions of accessible data within Oracle REST Data Services.

Impact

Exploitation of this vulnerability could result in unauthorized access to read, update, insert, or delete data within Oracle REST Data Services.

Added: Jul 15, 2025, 11:09 PM

Updated: Jul 15, 2025, 11:09 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

1.3

exploitability

6.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

1.3

exploitability

6.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle REST Data Services General Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle REST Data Services

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating