Oracle E-Business Suite Product Hub Item Catalog Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability exists in the Oracle Product Hub component of Oracle E-Business Suite, specifically in versions 12.2.3 through 12.2.14. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, as well as unauthorized access to all data accessible through Oracle Product Hub.

Impact

Exploitation of this vulnerability allows for unauthorized access to critical data and the ability to create, delete, or modify data within Oracle Product Hub.

Added: Oct 21, 2025, 8:27 PM

Updated: Oct 21, 2025, 8:27 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle E-Business Suite Product Hub Item Catalog Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle Product Hub

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating