Lucene search
K

Oracle Business Intelligence Enterprise Edition (OAS 7.6) (October 2025 CPU)

🗓️ 24 Oct 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 8 Views

BI Enterprise Edition 7.6.0.0.0 exposed by October 2025 CPU; remote takeover via HTTP and MITM risk with raw keys.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses uthentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat.
9 Jul 202507:25
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
9 Jan 202510:41
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976)
3 Sep 202518:09
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2025-48976)
15 Aug 202509:21
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data
5 Feb 202520:46
ibm
IBM Security Bulletins
Security Bulletin: Denial of Service vulnerability in Apache Commons IO affects IBM Business Automation Workflow - CVE-2024-47554
7 Feb 202516:25
ibm
IBM Security Bulletins
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to multiple Apache Tomcat vulnerabilities (CVE-2025-48976, CVE-2025-48988)
17 Jul 202518:27
ibm
IBM Security Bulletins
Security Bulletin: IBM SPSS Analytic Server is affected by a Denial of Service (DoS) vulnerability in Apache Commons FileUpload.
20 Sep 202500:54
ibm
IBM Security Bulletins
Security Bulletin: IBM Engineering Lifecycle Optimization - Engineering Publishing Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the org.apache.commons.io.input.XmlStreamReader class.
3 Jan 202511:04
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
15 Mar 202500:18
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(271383);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/24");

  script_cve_id(
    "CVE-2024-7254",
    "CVE-2024-12797",
    "CVE-2024-47554",
    "CVE-2025-25193",
    "CVE-2025-48795",
    "CVE-2025-48976",
    "CVE-2025-53049",
    "CVE-2025-61754"
  );
  script_xref(name:"IAVA", value:"2025-A-0790-S");

  script_name(english:"Oracle Business Intelligence Enterprise Edition (OAS 7.6) (October 2025 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of Oracle Business Intelligence Enterprise Edition (OAS) 7.6.0.0.0 installed on the remote host is affected
by multiple vulnerabilities as referenced in the October 2025 CPU advisory.

  - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics
    (component: Analytics Web Administration). Supported versions that are affected are 7.6.0.0.0 and
    8.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP
    to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human
    interaction from a person other than the attacker and while the vulnerability is in Oracle Business
    Intelligence Enterprise Edition, attacks may significantly impact additional products (scope change).
    Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise
    Edition. (CVE-2025-53049)

  - Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice
    that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER
    verification mode is set. Impact summary: TLS and DTLS connections using raw public keys may be vulnerable
    to man-in-middle attacks when server authentication failure is not detected by clients. RPKs are disabled
    by default in both TLS clients and TLS servers. The issue only arises when TLS clients explicitly enable
    RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate
    chain. The affected clients are those that then rely on the handshake to fail when the server's RPK fails
    to match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER. Clients
    that enable server-side raw public keys can still find out that raw public key verification failed by
    calling SSL_get_verify_result(), and those that do, and take appropriate action, are not affected. This
    issue was introduced in the initial implementation of RPK support in OpenSSL 3.2. The FIPS modules in 3.4,
    3.3, 3.2, 3.1 and 3.0 are not affected by this issue. (CVE-2024-12797)

  - Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The
    org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing
    maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are
    recommended to upgrade to version 2.14.0 or later, which fixes the issue. (CVE-2024-47554)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpuoct2025csaf.json");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2025.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2025 Oracle Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-53049");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2025-53049");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/10/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/10/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:business_intelligence");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_analytics_server_installed.nbin");
  script_require_keys("installed_sw/Oracle Analytics Server");

  exit(0);
}

include('vdf.inc');

# @tvdl-content
var vuln_data = {
  'metadata': {'spec_version': '1.0'},
  'checks': [
    {
      'product': {'name': 'Oracle Analytics Server', 'type': 'app'},
      'check_algorithm': 'default',
      'constraints': [
        { 'min_version' : '7.6.0.0.0', 'fixed_version' : '7.6.0.0.250905', 'fixed_display' : '7.6.0.0.250905 patch: 38396889' }
      ]
    }
  ]
};

var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

24 Feb 2026 00:00Current
7.5High risk
Vulners AI Score7.5
CVSS 3.17.5 - 8.4
CVSS 48.7
EPSS0.64718
SSVC
8