7 matches found
CVE-2022-21500
CVE-2022-21500 affects Oracle E-Business Suite, specifically the Manage Proxies component, with the vulnerable line item in 12.2 (12.1 is not impacted). The issue enables an attacker to access or potentially take over data in the Oracle E-Business Suite via HTTP over the network, with CVSSv3.1 ba...
CVE-2023-21997
The CVE-2023-21997 entry concerns Oracle E-Business Suite, specifically the Oracle User Management component’s Proxy User Delegation. Affected versions are 12.2.3–12.2.12. The vulnerability is described as allowing a low-privilege, unauthenticated or HTTP-network-access attacker to read a subset ...
CVE-2021-2017
CVE-2021-2017 is a vulnerability in Oracle E-Business Suite’s Oracle User Management component (Proxy User Delegation). Affected are version 12.1.3 and 12.2.3–12.2.10. The issue allows a low-privileged, network-accessible attacker over HTTP to read a subset of data in Oracle User Management. CVSS...
CVE-2025-30708
Oracle E-Business Suite vulnerability CVE-2025-30708 affects Oracle User Management (component: Search and Register Users) in 12.2.4–12.2.14. Multiple sources in connected documents confirm an unauthenticated, network-accessible exposure via HTTP that can lead to unauthorized access to sensitive ...
CVE-2018-3236
CVE-2018-3236 affects Oracle E-Business Suite User Management (Reports) and is confirmed in connected sources as Vulnerability in Oracle User Management component. Affected are E-Business Suite versions 12.1.3, 12.2.3–12.2.7. The flaw permits a high-privilege attacker who can reach the applicatio...
CVE-2018-2691
The CVE-2018-2691 entry concerns Oracle E-Business Suite’s Oracle User Management component (subcomponent: Proxy User Delegation). Affected versions are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, and 12.2.7. The vulnerability allows a low-privilege attacker with network access via HTTP to compromise...
CVE-2026-22014
CVE-2026-22014 affects Oracle E-Business Suite, specifically the Oracle User Management component (Workflow and Business Events) in versions 12.2.7–12.2.15. A high-privilege attacker with network access via HTTP can compromise Oracle User Management, potentially gaining unauthorized update/insert...