CVE-2025-50107

Name of the Vulnerable Software and Affected Versions Oracle Universal Work Queue versions 12.2.5 through 12.2.14

Description This issue relates to flaws in access control within the request handling component of Oracle Universal Work Queue. Successful exploitation allows an unauthenticated remote attacker, with network access via HTTP, to compromise the Oracle Universal Work Queue. Attacks require human interaction from someone other than the attacker. While the issue is within Oracle Universal Work Queue, attacks may impact other products. Successful attacks can lead to unauthorized modification, insertion, or deletion of data accessible by Oracle Universal Work Queue, as well as unauthorized read access to a subset of that data. The affected component is request handling.

Recommendations For versions 12.2.5 through 12.2.14, at the moment, there is no information about a newer version that contains a fix for this vulnerability.