CVE-2023-22106

Summary

CVE-2023-22106 is a newly identified vulnerability affecting Oracle E-Business Suite's Enterprise Command Center Framework (component: API). This issue, with a base score of 6.5 (Confidentiality impacts), targets low privileged attackers with network access via HTTP. successful exploitation can grant unauthorized access to critical data or complete access to all Oracle Enterprise Command Center Framework accessible data. Oracle ECC versions 8, 9, and 10 are confirmed to be vulnerable. Attackers can leverage this easily exploitable weakness to compromise the system, posing a significant risk to organizational security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.