Oracle E-Business Suite Web Utilities Component Oracle Applications Framework Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability has been identified in the Oracle Applications Framework component of Oracle E-Business Suite, specifically in versions 12.2.3 through 12.2.14. This vulnerability allows a low-privileged attacker with network access via HTTP to compromise the Oracle Applications Framework. Although the vulnerability resides within the framework, successful exploitation could significantly impact additional products, leading to a scope change. The vulnerability allows unauthorized users to read, update, insert, or delete certain data accessible through the Oracle Applications Framework.

Impact

Exploitation of this vulnerability could result in unauthorized access to read, update, insert, or delete data within the Oracle Applications Framework.

Added: Jul 15, 2025, 10:23 PM

Updated: Jul 15, 2025, 10:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle E-Business Suite Web Utilities Component Oracle Applications Framework Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle Applications Framework

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating