Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2022-02349)

Oracle E-Business Suite is an extension of the original Application (ERP) and includes a collection of ERP (Enterprise Resource Planning Management), HR (Human Resource Management), CRM (Customer Relationship Management) and other applications that are seamlessly integrated into one management suite. Oracle Universal Work Queue is one of the flexible work presentation and access tools that provides a centralized view and access to work. A security vulnerability exists in the Site Level Administration component. An attacker could exploit this vulnerability to cause unauthorized creation, deletion, or modification of access to critical data or all Oracle Universal Work Queue accessible data, as well as unauthorized access to critical data or full access to all Oracle Universal Work Queue accessible data.