CVE-2025-21554

🗓️ 21 Jan 2025 20:53:17Reported by oracleType

CVE-2025-21554 is a documented security vulnerability needing attention.

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Security component of the Oracle Communications Order and Service Management system allows a perpetrator to disclose protected information.	11 Feb 202500:00	–	bdu_fstec
Circl	CVE-2025-21554	21 Jan 202521:01	–	circl
CNNVD	Oracle Communications Order and Service Management 安全漏洞	21 Jan 202500:00	–	cnnvd
Cvelist	CVE-2025-21554	21 Jan 202520:53	–	cvelist
EUVD	EUVD-2025-2543	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Oracle Communications	22 Jan 202513:30	–	ncsc
NVD	CVE-2025-21554	21 Jan 202521:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - January 2025	21 Jan 202500:00	–	oracle
Positive Technologies	PT-2025-4276 · Oracle · Oracle Communications Order/Service Management	21 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-21554	23 May 202512:02	–	redhatcve

NVD

Vulners

Node

oracle communications_order_and_service_managementMatch7.4.0

oracle communications_order_and_service_managementMatch7.4.1

oracle communications_order_and_service_managementMatch7.5.0

[
  {
    "vendor": "Oracle Corporation",
    "product": "Oracle Communications Order and Service Management",
    "cpes": [
      "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
    ],
    "versions": [
      {
        "version": "7.4.0",
        "status": "affected"
      },
      {
        "version": "7.4.1",
        "status": "affected"
      },
      {
        "version": "7.5.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2025.html

20 Jun 2025 16:58Current

4.2Medium risk

Vulners AI Score4.2

CVSS 3.15.3

EPSS0.00371

SSVC

CWE-863