CVE-2023-22009

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.12

Description The issue is related to insufficient input validation in the Workforce Management component of Oracle E-Business Suite, allowing a remote attacker to gain unauthorized access to protected information. Successful attacks can result in unauthorized read access to a subset of accessible data.

Recommendations For versions 12.2.3 through 12.2.12, update to a version that includes the fix for this issue to prevent unauthorized access. As a temporary workaround, consider restricting access to the Workforce Management component until a patch is available.