CVE-2025-50108

MEDIUM 5.4

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

0th

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Workspace). The supported version that is affected is 11.2.20.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hyperion Financial Reporting accessible data as well as unauthorized read access to a subset of Oracle Hyperion Financial Reporting accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

Vendor	oracle corporation
Product	oracle hyperion financial reporting
Published	Jul 15, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for oracle corporation oracle hyperion financial reporting

Be the first to know when new medium vulnerabilities affecting oracle corporation oracle hyperion financial reporting are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected Versions

Oracle Corporation / Oracle Hyperion Financial Reporting

11.2.20.0.000

References

NVD ↗ CVE.org ↗ EPSS Data ↗

oracle.com: https://www.oracle.com/security-alerts/cpujul2025.html