CNNVD-202507-1995 Information

CNNVD ID

CNNVD-202507-1995

Related CVE

CVE-2025-30739

• CNNVD Published: 2025-07-15

Description (Chinese)

Oracle E-Business Suite是美国甲骨文（Oracle）公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。 Oracle E-Business Suite的Oracle CRM Technical Foundation 12.2.11至12.2.13版本存在安全漏洞，该漏洞源于组件Preferences存在访问控制不当，可能导致数据未授权访问。

Description (English)

Oracle E-Business Suite is a fully integrated global business management software package for Oracle. The software provides functions such as customer relationship management, service management and financial management. There is a security loophole in Oracle CRM Technical Foundation 12.2.11 to 12.2.13 in Oracle E-Business Suite, which stems from the inappropriate access controls of the component Preferences, which may lead to unauthorized data access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OrangeHRM

Published

2025-07-15

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/cpujul2025.html https://nvd.nist.gov/vuln/detail/CVE-2025-30739

Patch

https://www.oracle.com/security-alerts/cpujul2025.html