Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2021-54731)

Oracle E-Business Suite is an extension of the original Application (ERP) and includes a collection of ERP (Enterprise Resource Planning Management), HR (Human Resource Management), CRM (Customer Relationship Management) and other applications that are seamlessly integrated into one management suite. A security vulnerability exists in the Workflow Notification Mailer component of Oracle Workflow in Oracle E-Business Suite versions 12.1.3, 12.2.3 - 12.2.10. An attacker could use this vulnerability to potentially cause unauthorized creation, deletion, or modification of access to critical data or all Oracle Web Applications Desktop Integrator accessible data, as well as unauthorized access to critical data or full access to all Oracle Web Applications Desktop Integrator-accessible data.