PT-2025-29658 · Oracle · Oracle E-Business Suite+1
Published
2025-07-15
·
Updated
2025-07-24
·
CVE-2025-50105
CVSS v2.0
8.5
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Universal Work Queue versions 12.2.3 through 12.2.14
Description
An easily exploitable issue exists in the Oracle Universal Work Queue component of Oracle E-Business Suite. A low-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized creation, deletion, or modification of critical data, as well as complete access to all Oracle Universal Work Queue accessible data.
Recommendations
Update to a version beyond 12.2.14.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle E-Business Suite
Oracle Universal Work Queue