PT-2025-29595 · Oracle · Oracle E-Business Suite+1
Published
2025-07-15
·
Updated
2025-10-04
·
CVE-2025-30743
CVSS v2.0
8.5
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Lease and Finance Management version 12.2.13
Description
An easily exploitable issue exists in the Oracle Lease and Finance Management product of Oracle E-Business Suite (component: Internal Operations). A low-privileged attacker with network access via HTTP can compromise the system. Successful attacks can result in unauthorized creation, deletion, or modification of critical data, as well as complete access to all accessible data.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle E-Business Suite
Oracle Lease/Finance Management