Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
HTTP-reachable EBS endpoint (AV:N/AC:L), requires high-privileged Financials for EMEA account (PR:H), no user interaction, results in full module takeover (C:H/I:H/A:H), no scope change.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Financials for EMEA product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financials for EMEA. Successful attacks of this vulnerability can result in takeover of Oracle Financials for EMEA. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
AnalysisAI
Privileged takeover of Oracle Financials for EMEA (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 allows an authenticated high-privileged attacker with HTTP network access to fully compromise confidentiality, integrity, and availability of the module. The CVSS 3.1 base score is 7.2 with vector AV:N/AC:L/PR:H/UI:N, and there is no public exploit identified at time of analysis.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires (1) network HTTP reachability to the Oracle E-Business Suite application tier hosting the Oracle Financials for EMEA Internal Operations component, and (2) a valid high-privileged account within Oracle Financials for EMEA (PR:H in the CVSS vector) - typically a functional administrator or equivalent role with access to Internal Operations responsibilities. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H yields 7.2 (High), driven by full CIA impact but tempered by the PR:H requirement - the attacker must already hold high privileges within Oracle Financials for EMEA, which significantly narrows the realistic threat population to insiders or attackers who have already chained another flaw to obtain a privileged EBS account. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained or been granted a high-privileged Oracle Financials for EMEA account - for example a malicious insider, a contractor whose access was not revoked, or an external attacker who first phished a finance administrator - sends crafted HTTP requests to the Internal Operations component of the EBS application tier. Successful exploitation results in full takeover of the Financials for EMEA module, allowing the attacker to read, alter, or destroy financial records and supporting operational data. … |
| Remediation | Apply the fixes delivered in the Oracle June 2026 Critical Patch Update as documented at https://www.oracle.com/security-alerts/cspujun2026.html - Patch available per vendor advisory; a specific patched build number was not provided in the supplied intelligence, so consult the CPU matrix for the exact patch ID matching your 12.2.x release. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit all high-privilege user accounts with access to Oracle E-Business Suite 12.2.3-12.2.15 and review administrative activity logs for anomalies. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37279