{"id":59554,"date":"2025-07-22T04:31:10","date_gmt":"2025-07-22T04:31:10","guid":{"rendered":""},"modified":"2025-08-30T09:25:36","modified_gmt":"2025-08-30T15:25:36","slug":"cve-2025-50060-critical-data-access-vulnerability-in-oracle-bi-publisher","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-50060-critical-data-access-vulnerability-in-oracle-bi-publisher\/","title":{"rendered":"CVE-2025-50060: Critical Data Access Vulnerability in Oracle BI Publisher<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

A serious vulnerability has been identified in the Oracle BI Publisher product, affecting versions 7.6.0.0.0, 8.2.0.0.0, and 12.2.1.4.0. This vulnerability, identified as CVE-2025-50060, enables attackers with low-level privileges and network access via HTTP to compromise the entire Oracle BI Publisher software. This blog post will provide a deep dive into this vulnerability<\/a>, its potential impact, and the steps needed to mitigate its risk.
\nThe impact of this vulnerability can be severe, potentially leading to unauthorized<\/a> access, creation, deletion, or modification of critical data within the Oracle BI Publisher. This is particularly concerning for organizations using Oracle Analytics, as a successful exploit could compromise their entire system or result in substantial data leakage<\/a>.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-50060
\nSeverity: High (8.1 CVSS Severity Score)
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: Unauthorized access, creation, deletion, or modification of critical data; potential system compromise or data<\/a> leakage.<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n