CNNVD-202507-2068 Information

CNNVD ID

CNNVD-202507-2068

Related CVE

CVE-2025-30756

• CNNVD Published: 2025-07-15

Description (Chinese)

Oracle REST Data Services是美国甲骨文（Oracle）公司的一种用于将Oracle数据库功能通过RESTful API暴露给应用程序的中间件工具。 Oracle REST Data Services 24.2.0版本存在安全漏洞，该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击，可能导致数据未授权访问和修改。

Description (English)

Oracle REST Data Services is an intermediate tool used by Oracle to expose the Oracle database function to applications via RESTful API. Oracle REST Data Services, version 24.2.0, contains a security loophole, which stems from uncertified attackers’ access to the HTTP network, which may lead to unauthorized data access and modification.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

OrangeHRM

Published

2025-07-15

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/cpujul2025.html https://nvd.nist.gov/vuln/detail/CVE-2025-30756

Patch

https://www.oracle.com/security-alerts/cpujul2025.html