Vulnerability in Oracle E-Business Suite Preferences Component
CVE-2025-30739

5.5MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Crm Technical Foundation
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-30739?

A vulnerability exists in the Preferences component of Oracle CRM Technical Foundation within the Oracle E-Business Suite. This flaw allows an attacker with high privileges and network access via HTTP to compromise the integrity of Oracle CRM Technical Foundation. While the vulnerability specifically resides in the Preferences component, its exploitation could significantly affect other interconnected products. Successful exploitation may lead to unauthorized updates, insertions, or deletions of accessible data, along with unauthorized read access to certain data within Oracle CRM Technical Foundation. Organizations should ensure they apply best practices for securing their systems and consult the latest vendor advisories to mitigate potential security risks.

Affected Version(s)

Oracle CRM Technical Foundation 12.2.11 <= 12.2.13

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Mar 25, 2025