CVE-2025-30737

Summary

CVE-2025-30737 is a vulnerability affecting Oracle Smart View for Office, a component of Oracle Hyperion's version 24.200. This issue allows high-privileged attackers with network access via HTTP to compromise the product, which may result in unauthorized creation, deletion, or modification of critical data for all Oracle Smart View for Office accessible data. Successful exploitation necessitates human interaction and can lead to complete access to all Oracle Smart View for Office data as well as unauthorized access to critical data. The Base Score according to the Common Vulnerability Scoring System (CVSS) 3.1 is 5.7, with impacts on both confidentiality and integrity. The attack vector is network (AV:N), the attack complexity is high (AC:H), the privileges required are high (PR:H), the user interaction is required (UI:R), the scope is unchanged (S:U), the confidentiality impact is high (C:H), and the integrity impact is high (I:H).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.