CNNVD-202510-745 Information

CNNVD ID

CNNVD-202510-745

Related CVE

CVE-2025-61882

• CNNVD Published: 2025-10-05

Description (Chinese)

Oracle E-Business Suite是美国甲骨文（Oracle）公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。 Oracle E-Business Suite 12.2.3版本至12.2.14版本存在安全漏洞，该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击，可能导致组件接管。

Description (English)

Oracle E-Business Suite is a fully integrated global business management software package for Oracle. The software provides functions such as customer relationship management, service management and financial management. There is a security gap between Oracle E-Business Suite 12.2.3 and 12.2.14, which stems from the fact that uncertified assailants can attack through the HTTP network, which may lead to the taking over of components.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

甲骨文

Published

2025-10-05

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/alert-cve-2025-61882.html https://blogs.oracle.com/security/post/apply-july-2025-cpu https://labs.watchtowr.com/well-well-well-its-another-day-oracle-e-business-suite-pre-auth-rce-chain-cve-2025-61882well-well-well-its-another-day-oracle-e-business-suite-pre-auth-rce-chain-cve-2025-61882/

Patch

https://www.oracle.com/security-alerts/alert-cve-2025-61882.html