CVE-2025-30759 in Business Intelligence Enterprise Edition
Summary
by MITRE • 07/15/2025
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Platform Security). Supported versions that are affected are 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
Analysis
by VulDB Data Team • 07/30/2025
CVE-2025-30759 resides in the Platform Security component of Oracle Business Intelligence Enterprise Edition and affects supported versions 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. It is a significant concern for organizations running Oracle's analytics platform because it is easily exploitable and requires no authentication for initial access. The attack vector is HTTP over the network, so any attacker with network connectivity to the target system can reach it, which considerably broadens the exposed surface; the weakness is classified as CWE-284 (improper access control).
The flaw allows unauthorized modification of data in the affected platform, specifically update, insert or delete operations against some of the data the platform can access. It also permits unauthorized read access to a subset of that data, so both integrity and confidentiality are affected. The CVSS 3.1 base score of 6.1 corresponds to medium severity, but the Scope: Changed metric means a successful exploit can affect products beyond Oracle Business Intelligence Enterprise Edition itself, so the overall impact can be wider than the score alone suggests.
The operational impact goes beyond the compromised records themselves, because business intelligence systems commonly hold sensitive organizational data, financial reports and strategic analytics whose integrity organizations depend on. The requirement for interaction by a person other than the attacker indicates that exploitation likely depends on social engineering, such as phishing or other lures that get a user to trigger the malicious action. This maps to the ATT&CK Initial Access tactic via user interaction and makes the flaw more dangerous in environments where users lack security awareness training. Organizations that rely on Oracle Business Intelligence for critical decision-making therefore face a real risk of data manipulation and unauthorized access to sensitive business intelligence.
Mitigation for CVE-2025-30759 should start with prompt patching of affected systems, since the flaw spans multiple versions of the Oracle Business Intelligence platform and represents a significant security risk. Network segmentation and access controls should limit exposure to authorized users, and monitoring should be tuned to flag unusual access patterns or exploitation attempts; network intrusion detection should also watch HTTP traffic for patterns that might indicate exploitation. Because exploitation requires human interaction, security awareness training for end users is critical, as the attack path runs through social engineering rather than purely technical means. Organizations should additionally consider authentication layers and access controls beyond the default configuration to reduce the attack surface and limit the impact of a successful exploit.