Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2022-02351)

Oracle E-Business Suite is an extension of the original Application (ERP) and includes a collection of ERP (Enterprise Resource Planning Management), HR (Human Resource Management), CRM (Customer Relationship Management) and other applications that are seamlessly integrated into one management suite. Compensation is one of the global variable compensation applications that automates the design, management and analysis of incentive-based compensation plans for employees and partners to effectively contribute to the achievement of corporate goals. A security vulnerability exists in the User Interface component of Compensation. An attacker could use this vulnerability to create, delete, or modify access without authorization, as well as gain unauthorized access to critical data or full access to all Oracle Incentive Compensation accessible data.