Oracle HTTP Server (July 2025 CPU)

🗓️ 17 Jul 2025 00:00:00Reported by TenableType

Oracle HTTP Server has vulnerabilities that can lead to unauthorized data access and denial of service.

Reporter	Title	Published	Views	Family All 1080
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Rapid Infrastructure Automation	28 May 202514:39	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Watson NLP affects IBM Robotic Process Automation (CVE-2024-56171).	13 Jun 202501:58	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libxml2 library (CVE-2024-56171, CVE-2025-24928) affect Power HMC.	7 Jul 202505:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	25 Jun 202513:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Automation Decision Services for October 2025 - Multiple CVEs addressed	3 Dec 202506:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a stack overflow vulnerability in libexpat library [CVE-2024-8176]	13 Jun 202516:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a' use after free' condition in libxml2 [CVE-2024-56171]	13 Jun 202516:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues	28 Aug 202521:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32415) affects Power HMC.	19 Nov 202508:45	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP7 vulnerabilities CVE-2025-29482 (vulnerable), CVE-2024-8176 (not vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing	30 Mar 202609:37	–	ibm

Source	Link
oracle	www.oracle.com/docs/tech/security-alerts/cpujul2025csaf.json
oracle	www.oracle.com/security-alerts/cpujul2025.html
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(242271);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/21");

  script_cve_id(
    "CVE-2024-8176",
    "CVE-2024-56171",
    "CVE-2025-0725",
    "CVE-2025-24928",
    "CVE-2025-27113",
    "CVE-2025-32415"
  );
  script_xref(name:"IAVA", value:"2025-A-0515-S");

  script_name(english:"Oracle HTTP Server (July 2025 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the
July 2025 CPU advisory.

  - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-
    based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema
    with certain identity constraints, or a crafted XML schema must be used. (CVE-2025-32415)

  - Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where 
    Oracle HTTP Server executes to compromise Oracle HTTP Server. While the vulnerability is in Oracle HTTP 
    Server, attacks may significantly impact additional products (scope change). Successful attacks of this 
    vulnerability can result in unauthorized creation, deletion or modification access to critical data or 
    all Oracle HTTP Server accessible data as well as unauthorized access to critical data or complete access 
    to all Oracle HTTP Server accessible data. (CVE-2024-56171)

  - Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise 
    Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized update, insert or 
    delete access to some of Oracle HTTP Server accessible data as well as unauthorized read access to a subset 
    of Oracle HTTP Server accessible data and unauthorized ability to cause a partial denial of service (partial 
    DOS) of Oracle HTTP Server. (CVE-2025-0725)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpujul2025csaf.json");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujul2025.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the July 2025 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-56171");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/07/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/07/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/07/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_http_server_installed.nbin");
  script_require_keys("Oracle/OHS/Installed");

  exit(0);
}

include('oracle_http_server_patch_func.inc');

get_kb_item_or_exit('Oracle/OHS/Installed');
var install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');

var install = branch(install_list, key:TRUE, value:TRUE);

var patches = make_array();
patches['14.1.2.0'] = make_array('fix_ver', '14.1.2.0.250707', 'patch', '38158105');

oracle_http_server_check_vuln(
  install : install,
  min_patches : patches,
  severity : SECURITY_HOLE
);

21 Jan 2026 00:00Current

7High risk

Vulners AI Score7

CVSS 3.17.8 - 9.8

EPSS0.00803

SSVC