Oracle Coherence (April 2025 CPU)

🗓️ 17 Apr 2025 00:00:00Reported by TenableType

Oracle Coherence has vulnerabilities allowing DOS attacks on specified versions, requires patching.

Reporter	Title	Published	Views	Family All 313
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server	7 Aug 202515:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is vulnerable to a denial of service due to Netty (CVE-2025-25193)	26 Mar 202516:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data	12 Jun 202515:38	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.	8 Aug 202509:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SPSS Modeler is affected by vulnerabilities in Netty	16 Jun 202616:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.	23 Jan 202611:02	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge	7 Aug 202500:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Datapower Operations Dashboard could cause a native crash CVE-2025-24970	26 Aug 202519:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities disclosed in Netty affect IBM SPSS Analytic Server	2 Apr 202515:53	–	ibm

Source	Link
oracle	www.oracle.com/docs/tech/security-alerts/cpuapr2025csaf.json
oracle	www.oracle.com/security-alerts/cpuapr2025.html
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(234552);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/07/14");

  script_cve_id("CVE-2025-24970", "CVE-2025-25193");
  script_xref(name:"IAVA", value:"2025-A-0268");

  script_name(english:"Oracle Coherence (April 2025 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by a vulnerability");
  script_set_attribute(attribute:"description", value:
"The version of Coherence installed on the remote host is affected by a vulnerability as referenced in the April 2025
CPU advisory.

  - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Third Party
    (Netty)). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily
    exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise
    Oracle Coherence. Successful attacks of this vulnerability can result in unauthorized ability to cause
    a hang or frequently repeatable crash (complete DOS) of Oracle Coherence. (CVE-2025-24970, CVE-2025-25193)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpuapr2025csaf.json");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2025.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2025 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-24970");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/04/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/04/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/04/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:coherence");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_coherence_installed.nbin");
  script_require_keys("installed_sw/Oracle Coherence");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::get_app_info(app:'Oracle Coherence');

var constraints = [
  { 'min_version' : '12.2.1.4.0', 'fixed_version' : '12.2.1.4.25' },
  { 'min_version' : '14.1.1.0.0', 'fixed_version' : '14.1.1.0.21' },
  { 'min_version' : '14.1.2.0.0', 'fixed_version' : '14.1.2.0.2'  }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

14 Jul 2025 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.15.5 - 7.5

EPSS0.01966

SSVC