Oracle E-Business Suite Oracle Applications Framework Attachments File Upload Vulnerability

Vulnerability

A vulnerability exists in the Oracle Applications Framework component of Oracle E-Business Suite, specifically in versions 12.2.3 through 12.2.14. This vulnerability allows a low-privileged attacker with network access via HTTP to compromise the Oracle Applications Framework. Exploitation of this vulnerability could lead to unauthorized access to update, insert, or delete certain data within the Oracle Applications Framework, as well as unauthorized read access to a subset of accessible data.

Impact

Exploitation of this vulnerability could result in unauthorized modification or deletion of data, as well as unauthorized access to read certain data within the Oracle Applications Framework.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle E-Business Suite Oracle Applications Framework Attachments File Upload Vulnerability

Vulnerability

Impact

Affected Products

Oracle Applications Framework

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating