Shortly after the proof-of-concept (PoC) code was published, Exploitation attempts targeting a critical-severity Oracle E-Business Suite vulnerability have been observed.
The E-Business Suite, one of the main Oracle product lines, is a collection of business applications that assist organizations in automating tasks like customer relationship management (CRM), enterprise resource planning (ERP), and supply chain management (CRM). The exploited vulnerability was discovered in Oracle’s enterprise product’s Web Applications Desktop Integrator and fixed as part of the company’s October 2022 Critical Patch Update under the tracking number CVE-2022-21587 (CVSS score of 9.8).
A NIST advisory states that unauthenticated attackers with network access via HTTP can quickly take advantage of the security flaw to infiltrate and take control of the Web Applications Desktop Integrator.
Read More: Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.