CVE-2025-21573

CVSS 3.1 Score 6 of 10 (medium)

Details

Published Apr 15, 2025

Updated: Apr 17, 2025

CWE ID 284

Summary

CVE-2025-21573 is a vulnerability affecting versions 5.1.0.0.0, 6.1.0.0.0, and 7.0.0.0.0 of Oracle Financial Services Revenue Management and Billing's Chatbot component. This issue allows high-privileged attackers with network access to compromise the system via HTTP. Successful attacks require human interaction, enabling unauthorized creation, deletion, or modification of critical data, as well as complete access to all data and partial denial of service. The CVSS Base Score is 6.0, with high levels of impact on Confidentiality, Integrity, and Availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Oracle

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/5QcvxF
https://www.cve.org/CVERecord?id=CVE-2025-21573
https://nvd.nist.gov/vuln/detail/CVE-2025-21573

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2025-21573

CVSS 3.1 Score 6 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations