PT-2025-29594 · Oracle · Oracle E-Business Suite+1
Published
2025-07-15
·
Updated
2025-07-29
·
CVE-2025-30739
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle CRM Technical Foundation versions 12.2.11 through 12.2.13
Description
An easily exploitable issue exists in the Oracle CRM Technical Foundation component (Preferences) of Oracle E-Business Suite. A high-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized data modification, insertion, or deletion, as well as unauthorized read access to data within Oracle CRM Technical Foundation. Attacks may significantly impact additional products.
Recommendations
Update Oracle CRM Technical Foundation to a version prior to 12.2.11 or after 12.2.13.
Fix
Incorrect Authorization
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle Crm Technical Foundation
Oracle E-Business Suite