Oracle Process Manufacturing Process Planning
Monthly
Takeover of Oracle Process Manufacturing Process Planning (versions 12.2.3 through 12.2.15) is achievable by a low-privileged remote attacker over HTTP through the Internal Operations component of Oracle E-Business Suite. The flaw carries a CVSS 3.1 base score of 8.8 with full confidentiality, integrity, and availability impact, and Oracle has classified it as easily exploitable. There is no public exploit identified at time of analysis, but the low complexity and minimal authentication threshold make it a high-priority patching target for any EBS deployment.
Takeover of Oracle Process Manufacturing Process Planning (versions 12.2.3 through 12.2.15) is achievable by a low-privileged remote attacker over HTTP through the Internal Operations component of Oracle E-Business Suite. The flaw carries a CVSS 3.1 base score of 8.8 with full confidentiality, integrity, and availability impact, and Oracle has classified it as easily exploitable. There is no public exploit identified at time of analysis, but the low complexity and minimal authentication threshold make it a high-priority patching target for any EBS deployment.