CNNVD-202510-1617 Information

Oct 12, 2025 cve

CNNVD ID

CNNVD-202510-1617

CVE-2025-61884

  • CNNVD Published: 2025-10-12

Description (Chinese)

Oracle E-Business Suite是美国甲骨文(Oracle)公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。 Oracle E-Business Suite的Oracle Configurator 12.2.3版本至12.2.14版本存在安全漏洞,该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击,可能导致未经授权访问关键数据或完全访问所有Oracle Configurator可访问数据。

Description (English)

Oracle E-Business Suite is a fully integrated global business management software package for Oracle. The software provides functions such as customer relationship management, service management and financial management. There is a security loophole in Oracle E-Businness Suite, versions 12.2.3 to 12.2.14, which stems from uncertified attackers ’ access to the HTTP network, which may result in unauthorized access to key data or full access to all Oracle Configurator.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

甲骨文

Published

2025-10-12

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/alert-cve-2025-61884.html

Patch

https://www.oracle.com/security-alerts/alert-cve-2025-61884.html

Share on: