CNNVD-202510-2710 Information
CNNVD ID
CNNVD-202510-2710
Related CVE
- CNNVD Published: 2025-10-21
Description (Chinese)
Oracle E-Business Suite是美国甲骨文(Oracle)公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。 Oracle E-Business Suite的Oracle Product Hub 12.2.3版本至12.2.14版本存在安全漏洞,该漏洞源于低权限攻击者可通过HTTP网络访问进行攻击,可能导致未经授权的关键数据创建、删除或修改。
Description (English)
Oracle E-Business Suite is a fully integrated global business management software package for Oracle. The software provides functions such as customer relationship management, service management and financial management. There is a security loophole in Oracle E-Business Suite, versions 12.2.3 to 12.2.14, which originates from the low-authority attacker ’ s access to the HTTP network, which may lead to unauthorized creation, deletion or modification of critical data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
甲骨文
Published
2025-10-21
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpuoct2025.html https://access.redhat.com/security/cve/cve-2025-53043
Patch
https://www.oracle.com/security-alerts/cpuoct2025.html
Share on: