A vulnerability exists in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions affected are 12.2.3-12.2.14. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator, potentially resulting in unauthorized access to critical data or complete access to all available data. For more information, visit [NIST NVD](https://nvd.nist.gov/vuln/detail/CVE-2025-61884) and [MITRE CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61884).
CVE-2025-61884
🟠High
CVE-2025-61884: Vulnerability in Oracle Configurator
CVE-2025-61884 is a vulnerability in Oracle Configurator affecting versions 12.2.3-12.2.14, allowing unauthorized access to data. CVSS 7.5.
CVE ID
CVE-2025-61884
CVSS Score
7.5
Vendor
unknown
Published
Oct 12
Vulnerability Details
- CVE ID
- CVE-2025-61884
- Severity
- High
- CVSS v3 Score
- 7.5 / 10.0
- Affected Vendor
- unknown
- Publication Date
- October 12, 2025
External Resources
Need Help?
Protect your infrastructure with our comprehensive security scanning tools.
Explore Security Scanners