CVE-2025-50071

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.14

Description A vulnerability exists in the Oracle Applications Framework component (Web Utilities) of Oracle E-Business Suite. A low-privileged attacker with network access via HTTP can compromise the application. Successful exploitation may lead to unauthorized data modification, insertion, deletion, and read access to Oracle Applications Framework data. Attacks may significantly impact additional products.

Recommendations Versions prior to 12.2.3 should be considered for upgrade. Versions 12.2.3 through 12.2.14 should be updated.