Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install).  Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to compromise Oracle Analytics Desktop.  Successful attacks of this vulnerability can result in takeover of Oracle Analytics Desktop. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://www.oracle.com/security-alerts/cpujan2025.html |     | 
History
                    Wed, 02 Jul 2025 17:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:* | 
Tue, 18 Mar 2025 20:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-276 | 
Tue, 18 Feb 2025 21:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-863 | 
Wed, 22 Jan 2025 18:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-863 | |
| Metrics | ssvc 
 | 
Tue, 21 Jan 2025 21:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to compromise Oracle Analytics Desktop. Successful attacks of this vulnerability can result in takeover of Oracle Analytics Desktop. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). | |
| First Time appeared | Oracle Oracle analytics Desktop | |
| CPEs | cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:* | |
| Vendors & Products | Oracle Oracle analytics Desktop | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: oracle
Published: 2025-01-21T20:53:09.111Z
Updated: 2025-03-18T19:36:23.849Z
Reserved: 2024-12-24T23:18:54.771Z
Link: CVE-2025-21532
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-01-22T18:06:10.440Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-01-21T21:15:19.107
Modified: 2025-07-02T16:33:48.573
Link: CVE-2025-21532
 Redhat
                        Redhat
                    No data.