CNNVD-202507-1997 Information

CNNVD ID

CNNVD-202507-1997

Related CVE

CVE-2025-30745

• CNNVD Published: 2025-07-15

Description (Chinese)

Oracle E-Business Suite是美国甲骨文（Oracle）公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。 Oracle E-Business Suite的Oracle MES for Process Manufacturing 12.2.12至12.2.13版本存在安全漏洞，该漏洞源于组件Device Integration存在访问控制不当，可能导致数据未授权访问。

Description (English)

Oracle E-Business Suite is a fully integrated global business management software package for Oracle. The software provides functions such as customer relationship management, service management and financial management. There is a security gap in Oracle MES for Production Manufacturing 12.2.12-12.13, which stems from the inappropriate access controls of the component Device Information, which may lead to unauthorized data access.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

OrangeHRM

Published

2025-07-15

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/cpujul2025.html https://nvd.nist.gov/vuln/detail/CVE-2025-30745

Patch

https://www.oracle.com/security-alerts/cpujul2025.html