New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle warns of CVE-2025-61884 flaw in E-Business Suite enabling unauthorized data access.
Oracle issued a security alert warning of a fresh security flaw impacting its E-Business Suite that could allow unauthorized access to sensitive data.
The vulnerability, tracked as CVE-2025-61884, carries a CVSS score of 7.5, indicating high severity. It affects versions from 12.2.3 through 12.2.14.
"Easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator,"
according to a description of the flaw in the NIST's National Vulnerability Database (NVD). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data.
In a standalone alert, Oracle said the flaw is remotely exploitable without requiring any authentication, making it crucial that users apply the update as soon as possible.
Author's summary: Oracle E-Business Suite bug allows unauthorized data access.
More News
- TVA faces nuclear outage crisis - Nuclear Engineering International
- Johns Hopkins leaders strike hopeful notes for region's future
- Hamad Port achieves new Guinness World Records for world's largest mangrove relocation project
- Robert Irwin breaks down after 'DWTS' dance dedication to mom Terri: "A weight lifted"
- Local family-friendly Halloween events through Oct. 31
- Soma Sando, the Japanese sandwich restaurant Paris 6th arrondissement
- Eight boujee venues in Canberra to book for your next birthday celebration | HerCanberra
- Photo of person taped to bin is performance art, and nothing to do with ‘Antifa’ – Full Fact
- Brendan Gallagher: Furious little bull who was as hard as nails
- Bob Ross paintings to hit auction block as fundraiser for APT’s Create