{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T01:45:17.464","vulnerabilities":[{"cve":{"id":"CVE-2025-30727","sourceIdentifier":"secalert_us@oracle.com","published":"2025-04-15T21:16:02.457","lastModified":"2025-04-28T16:39:27.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module).  Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting.  Successful attacks of this vulnerability can result in takeover of Oracle Scripting. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."},{"lang":"es","value":"Vulnerabilidad en el producto Oracle Scripting de Oracle E-Business Suite (componente: Módulo iSurvey). Las versiones compatibles afectadas son 12.2.3-12.2.14. Esta vulnerabilidad, fácilmente explotable, permite a un atacante no autenticado con acceso a la red vía HTTP comprometer Oracle Scripting. Los ataques con éxito a esta vulnerabilidad pueden resultar en la toma de control de Oracle Scripting. Puntuación base de CVSS 3.1: 9.8 (impactos en confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.14","matchCriteriaId":"63FD7F81-3E53-4FB7-8862-0FF52001C7B6"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpuapr2025.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}}]}