Oracle Application Express Strategic Planner Starter App Takeover Vulnerability

Vulnerability

A vulnerability allowing for the takeover of Oracle Application Express has been identified in the Strategic Planner Starter App component. This issue affects versions 24.2.4 and 24.2.5. The vulnerability is easily exploitable by a low-privileged attacker with network access via HTTP. However, successful exploitation requires human interaction from someone other than the attacker. While the vulnerability resides within Oracle Application Express, its successful exploitation could significantly impact additional products.

Impact

Exploitation of this vulnerability can lead to a complete takeover of Oracle Application Express.

Added: Jul 15, 2025, 10:32 PM

Updated: Jul 15, 2025, 10:32 PM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

7.5

exploitability

5.0

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

7.5

exploitability

5.0

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Application Express Strategic Planner Starter App Takeover Vulnerability

Vulnerability

Impact

Affected Products

Oracle Application Express

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating