CVE-2025-62481

📊 9.8 CRITICAL⚡ 0.1%🎯 0 exploits

📅 Published Oct 21, 2025

📋 Status: Analyzed

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in takeover of Oracle Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	oracle	marketing	≥ 12.2.3 ∧ ≤ 12.2.14	Vulnerable	cpe:2.3:a:oracle:marketing::::::::

📱

oracle / marketing

Application

Vulnerable

Version: ≥ 12.2.3 ∧ ≤ 12.2.14

CPE:

cpe:2.3:a:oracle:marketing:*:*:*:*:*:*:*:*

Metrics

9.8 CRITICALCVSS v3.1[email protected]

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

NONE

User Interaction:

NONE

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

9.8 (CRITICAL)v3.1

Source: [email protected]

EPSS Details

0.1% (Minimal)30.9th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Oct 21, 2025 (10 days ago)

Last Modified

Oct 24, 2025 (8 days ago)

Security Weaknesses1

CWE-306

References2

NVDgeneral