Oracle Zero Data Loss Recovery Appliance Software Security Vulnerability Allowing Unauthorized Read Access

Vulnerability

A vulnerability has been identified in the Oracle Zero Data Loss Recovery Appliance Software, specifically in the Security component. This issue affects versions 23.1.0 through 23.1.202509. The vulnerability is difficult to exploit and allows an unauthenticated attacker with network access via Oracle Net to compromise the software. Successful exploitation, which requires human interaction from a third party, can lead to unauthorized read access to a subset of data within the Oracle Zero Data Loss Recovery Appliance Software.

Impact

Exploitation of this vulnerability could result in unauthorized read access to certain data within the Oracle Zero Data Loss Recovery Appliance Software.

Added: Jan 20, 2026, 10:36 PM

Updated: Jan 20, 2026, 10:36 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.8

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.8

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Zero Data Loss Recovery Appliance Software Security Vulnerability Allowing Unauthorized Read Access

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating