Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
HTTP-reachable EBS module so AV:N/AC:L/UI:N; requires high-privileged EBS account so PR:H; full iSupport takeover with impact on other modules gives S:C and C:H/I:H/A:H.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle iSupport. While the vulnerability is in Oracle iSupport, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle iSupport. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
AnalysisAI
Full takeover of Oracle iSupport (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 is achievable by an authenticated high-privileged attacker over HTTP, with a scope change that lets the attack significantly impact additional products beyond iSupport itself. The flaw carries a CVSS 3.1 base score of 9.1 with confidentiality, integrity, and availability all rated High, and no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to already hold a high-privileged authenticated account in Oracle E-Business Suite / iSupport (CVSS PR:H), and network HTTP reachability to the iSupport web tier on a running EBS 12.2.3-12.2.15 instance with the Internal Operations component deployed. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained or been granted a high-privileged Oracle EBS account (for example a compromised administrator, an over-privileged integration user, or a malicious insider) issues crafted HTTP requests to the iSupport Internal Operations endpoints from anywhere they can reach the EBS web tier. The vulnerable code executes the operation without sufficient isolation, giving full takeover of iSupport and - due to scope change - the ability to affect other Oracle EBS modules sharing the same application context. … |
| Remediation | Patch available per vendor advisory: apply the fixes bundled in the Oracle Critical Patch Update of June 2026 (https://www.oracle.com/security-alerts/cspujun2026.html) to all Oracle E-Business Suite 12.2.3-12.2.15 environments running iSupport; specific patch numbers are listed inside the CPU patch availability matrix and should be selected per EBS release level. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory Oracle E-Business Suite versions 12.2.3-12.2.15 across all environments and identify high-privileged iSupport users; escalate to Oracle Support for interim guidance. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Isupport
View allTakeover of Oracle iSupport in Oracle E-Business Suite versions 12.2.3 through 12.2.15 is achievable by an authenticated
Privileged remote takeover of Oracle iSupport (Oracle E-Business Suite, Internal Operations component) affects versions
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37257