Skip to main content

Oracle Hrms Uk

1 CVEs product

Monthly

CVE-2026-46953 HIGH This Week

Full takeover of Oracle HRMS (UK) - the UK Payroll component of Oracle E-Business Suite versions 12.2.3 through 12.2.15 - is possible by an already-authenticated, highly privileged attacker over HTTP, leading to complete loss of confidentiality, integrity, and availability of the HRMS application. Oracle classifies the issue as easily exploitable but the PR:H requirement narrows the realistic attacker pool to insiders and compromised admin accounts. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Oracle Oracle Hrms Uk Privilege Escalation
NVD
CVSS 3.1
7.2
EPSS
0.5%
EPSS 0% CVSS 7.2
HIGH This Week

Full takeover of Oracle HRMS (UK) - the UK Payroll component of Oracle E-Business Suite versions 12.2.3 through 12.2.15 - is possible by an already-authenticated, highly privileged attacker over HTTP, leading to complete loss of confidentiality, integrity, and availability of the HRMS application. Oracle classifies the issue as easily exploitable but the PR:H requirement narrows the realistic attacker pool to insiders and compromised admin accounts. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Oracle Oracle Hrms Uk Privilege Escalation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy