Vulnerability in the Oracle Health Sciences Data Management Workbench product of Oracle Health Sciences Applications (component: Logger). Supported versions that are affected are 3.4.0.1.3 and 3.4.1.0.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Health Sciences Data Management Workbench. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Health Sciences Data Management Workbench accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
References
| Link | Resource |
|---|---|
| https://www.oracle.com/security-alerts/cpuoct2025.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Oct 2025, 13:19
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Oracle health Sciences Data Management Workbench
Oracle |
|
| CPE | cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.4.0.1.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.4.1.0.10:*:*:*:*:*:*:* |
|
| References | () https://www.oracle.com/security-alerts/cpuoct2025.html - Vendor Advisory |
21 Oct 2025, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-267 |
21 Oct 2025, 20:20
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-10-21 20:20
Updated : 2025-10-24 13:19
NVD link : CVE-2025-62288
Mitre link : CVE-2025-62288
CVE.ORG link : CVE-2025-62288
JSON object : View
Products Affected
oracle
- health_sciences_data_management_workbench
CWE
CWE-267
Privilege Defined With Unsafe Actions