CNNVD-202510-2708 Information
CNNVD ID
CNNVD-202510-2708
Related CVE
- CNNVD Published: 2025-10-21
Description (Chinese)
Oracle E-Business Suite是美国甲骨文(Oracle)公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。Marketing是其中的一个基于互联网的营销管理组件。 Oracle E-Business Suite的Oracle Marketing 12.2.3版本至12.2.14版本存在安全漏洞,该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击,可能导致Oracle Marketing被接管。
Description (English)
Oracle E-Business Suite is a fully integrated global business management software package for Oracle. The software provides functions such as customer relationship management, service management and financial management. Marketing is an Internet-based marketing management component. There is a security loophole in Oracle E-Business Suite, versions 12.2.3 to 12.2.14, which stems from the fact that uncertified attackers can attack through the HTTP network, which could lead to Oracle Marketing being taken over.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
甲骨文
Published
2025-10-21
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpuoct2025.html https://access.redhat.com/security/cve/cve-2025-53072
Patch
https://www.oracle.com/security-alerts/cpuoct2025.html
Share on: