{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T11:27:15.932","vulnerabilities":[{"cve":{"id":"CVE-2025-21568","sourceIdentifier":"secalert_us@oracle.com","published":"2025-01-21T21:15:23.843","lastModified":"2025-06-23T18:01:43.933","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security).   The supported version that is affected is 11.2.19.0.000. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion Data Relationship Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Hyperion Data Relationship Management accessible data. CVSS 3.1 Base Score 4.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)."},{"lang":"es","value":"Vulnerabilidad en el producto Oracle Hyperion Data Relationship Management de Oracle Hyperion (componente: Access and Security). La versión compatible afectada es la 11.2.19.0.000. Esta vulnerabilidad, que se puede explotar fácilmente, permite que un atacante con privilegios elevados y acceso a la red a través de HTTP ponga en peligro Oracle Hyperion Data Relationship Management. Los ataques exitosos requieren la interacción humana de una persona distinta del atacante. Los ataques exitosos de esta vulnerabilidad pueden dar como resultado el acceso no autorizado a datos críticos o el acceso completo a todos los datos accesibles de Oracle Hyperion Data Relationship Management. Puntuación base de CVSS 3.1: 4,5 (impactos de confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hyperion_data_relationship_management:11.2.19.0.000:*:*:*:*:*:*:*","matchCriteriaId":"44D01719-77F9-4776-814D-B26C2C98988A"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujan2025.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}}]}