Lucene search
K
OracleUser Management

7 matches found

CVE
CVE
added 2022/05/19 11:55 p.m.181 views

CVE-2022-21500

CVE-2022-21500 affects Oracle E-Business Suite, specifically the Manage Proxies component, with the vulnerable line item in 12.2 (12.1 is not impacted). The issue enables an attacker to access or potentially take over data in the Oracle E-Business Suite via HTTP over the network, with CVSSv3.1 ba...

7.5CVSS7.6AI score0.70589EPSS
In wild
CVE
CVE
added 2023/04/18 7:54 p.m.64 views

CVE-2023-21997

The CVE-2023-21997 entry concerns Oracle E-Business Suite, specifically the Oracle User Management component’s Proxy User Delegation. Affected versions are 12.2.3–12.2.12. The vulnerability is described as allowing a low-privilege, unauthenticated or HTTP-network-access attacker to read a subset ...

4.3CVSS3.4AI score0.00481EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.60 views

CVE-2021-2017

CVE-2021-2017 is a vulnerability in Oracle E-Business Suite’s Oracle User Management component (Proxy User Delegation). Affected are version 12.1.3 and 12.2.3–12.2.10. The issue allows a low-privileged, network-accessible attacker over HTTP to read a subset of data in Oracle User Management. CVSS...

4.3CVSS4.3AI score0.00912EPSS
CVE
CVE
added 2025/04/15 8:31 p.m.60 views

CVE-2025-30708

Oracle E-Business Suite vulnerability CVE-2025-30708 affects Oracle User Management (component: Search and Register Users) in 12.2.4–12.2.14. Multiple sources in connected documents confirm an unauthenticated, network-accessible exposure via HTTP that can lead to unauthorized access to sensitive ...

7.5CVSS7.1AI score0.00549EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.47 views

CVE-2018-3236

CVE-2018-3236 affects Oracle E-Business Suite User Management (Reports) and is confirmed in connected sources as Vulnerability in Oracle User Management component. Affected are E-Business Suite versions 12.1.3, 12.2.3–12.2.7. The flaw permits a high-privilege attacker who can reach the applicatio...

6.5CVSS6.3AI score0.02025EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.43 views

CVE-2018-2691

The CVE-2018-2691 entry concerns Oracle E-Business Suite’s Oracle User Management component (subcomponent: Proxy User Delegation). Affected versions are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, and 12.2.7. The vulnerability allows a low-privilege attacker with network access via HTTP to compromise...

5.5CVSS4.7AI score0.00889EPSS
CVE
CVE
added 2026/04/21 8:35 p.m.15 views

CVE-2026-22014

CVE-2026-22014 affects Oracle E-Business Suite, specifically the Oracle User Management component (Workflow and Business Events) in versions 12.2.7–12.2.15. A high-privilege attacker with network access via HTTP can compromise Oracle User Management, potentially gaining unauthorized update/insert...

3.8CVSS5.7AI score0.00193EPSS