Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Network-reachable EBS HTTP endpoint, low complexity, requires an authenticated low-privileged EBS account (PR:L), no user interaction, and full component takeover yields C:H/I:H/A:H with scope unchanged.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
AnalysisAI
Account takeover in Oracle Universal Work Queue (Oracle E-Business Suite 12.2.3 through 12.2.15) allows a low-privileged attacker with HTTP network access to fully compromise the Work Provider Site Level Administration component. Oracle rates this as easily exploitable with full confidentiality, integrity, and availability impact (CVSS 3.1 base 8.8), though no public exploit identified at time of analysis and it is not currently listed in CISA KEV.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Attacker must have a valid low-privileged Oracle E-Business Suite account (PR:L) and network reachability to the EBS HTTP/HTTPS front-end hosting the Oracle Universal Work Queue module; the EBS instance must be running version 12.2.3 through 12.2.15 with the UWQ component deployed and its Work Provider Site Level Administration functionality reachable. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are largely concordant on elevated risk: AV:N/AC:L/PR:L/UI:N with C:H/I:H/A:H means any holder of a low-privileged EBS account reachable over HTTP can take over the UWQ component with no user interaction and low attack complexity, which is operationally significant in environments where self-service or low-tier accounts exist. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained or been issued any low-privileged Oracle E-Business Suite account (for example a service-desk agent, contractor, or self-registered user) authenticates to the EBS HTTP interface and sends crafted requests to the Work Provider Site Level Administration endpoints of Universal Work Queue, abusing missing authorization checks to reconfigure or take over the UWQ component. The result is full read, modify, and disrupt control over work-queue routing - allowing the attacker to reroute, suppress, or tamper with work items distributed to operational users. … |
| Remediation | Patch available per vendor advisory: apply the fixes bundled in the Oracle Critical Patch Update of June 2026 (https://www.oracle.com/security-alerts/cspujun2026.html) for Oracle E-Business Suite 12.2.3-12.2.15; exact patch numbers are listed in the CPU advisory matrix for the Universal Work Queue component and should be applied via Oracle's standard EBS patching workflow (adop / adpatch) after a test-environment cycle. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Conduct inventory of all Oracle E-Business Suite deployments; identify systems running versions 12.2.3 through 12.2.15 and document current low-privilege user access. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Universal Work Queue
View allPrivilege escalation and full takeover of Oracle Universal Work Queue (component: Work Provider Site Level Administratio
Account takeover in Oracle Universal Work Queue (Oracle E-Business Suite 12.2.3 through 12.2.15) allows a low-privileged
Takeover of Oracle Universal Work Queue is possible in Oracle E-Business Suite versions 12.2.3 through 12.2.15 via the W
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37276