Oracle Property Manager
Monthly
Takeover of Oracle Property Manager (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 is achievable by a high-privileged attacker with HTTP network access, with no public exploit identified at time of analysis. Oracle rates the issue easily exploitable with full confidentiality, integrity, and availability impact, but the PR:H requirement narrows the practical attacker pool to those already holding elevated EBS application privileges. The flaw is disclosed in the Oracle Critical Patch Update of June 2026 and tagged as Information Disclosure / Oracle Property Manager.
Takeover of Oracle Property Manager (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 is achievable by a high-privileged attacker with HTTP network access, with no public exploit identified at time of analysis. Oracle rates the issue easily exploitable with full confidentiality, integrity, and availability impact, but the PR:H requirement narrows the practical attacker pool to those already holding elevated EBS application privileges. The flaw is disclosed in the Oracle Critical Patch Update of June 2026 and tagged as Information Disclosure / Oracle Property Manager.