Oracle Database Server Unified Audit Component Vulnerability Allowing Unauthorized Data Modification

Vulnerability

A vulnerability has been identified in the Unified Audit component of Oracle Database Server, specifically in versions 23.4 through 23.9. This easily exploitable issue allows a high-privileged attacker with DBA rights and network access via Oracle Net to compromise Unified Audit. Successful exploitation could lead to unauthorized updates, inserts, or deletions of certain Unified Audit data.

Impact

Exploitation of this vulnerability could result in unauthorized modifications to Unified Audit data.

Added: Oct 21, 2025, 9:24 PM

Updated: Oct 21, 2025, 9:24 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

0.6

exploitability

4.8

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

0.6

exploitability

4.8

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Database Server Unified Audit Component Vulnerability Allowing Unauthorized Data Modification

Vulnerability

Impact

Affected Products

Oracle Database Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating