Oracle Life Sciences InForm Web Server Unauthenticated Data Access and Modification Vulnerability

Vulnerability

A vulnerability has been identified in Oracle Life Sciences InForm version 7.0.1.0, within the Web Server component. This easily exploitable issue allows an unauthenticated attacker with network access via HTTP to compromise the application. Successful exploitation requires human interaction from a third party. While the vulnerability resides in Oracle Life Sciences InForm, its impact may extend to other products, leading to a scope change. Exploitation of this vulnerability could result in unauthorized access to, and modification of, certain accessible data within Oracle Life Sciences InForm.

Impact

Exploitation of this vulnerability could allow for unauthorized read, update, insert, or delete access to some data accessible through Oracle Life Sciences InForm.

Added: Oct 21, 2025, 9:03 PM

Updated: Oct 21, 2025, 10:13 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

6.0

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

6.0

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Life Sciences InForm Web Server Unauthenticated Data Access and Modification Vulnerability

Vulnerability

Impact

Affected Products

Oracle Life Sciences InForm

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating