Vulnerability in Oracle E-Business Suite Work in Process Component
CVE-2019-2633
9.9CRITICAL
Summary
This vulnerability exists in the Oracle Work in Process component of Oracle E-Business Suite, allowing attackers with low privileges and network access to exploit it via HTTP. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data within the Oracle Work in Process, while attackers may gain complete access to sensitive information. It is imperative for organizations using affected versions to implement necessary security measures to mitigate potential risks.
Affected Version(s)
Work in Process 12.1.1
Work in Process 12.1.2
Work in Process 12.1.3
References
CVSS V3.1
Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved