N/A

Vulnerability in the Oracle iRecruitment component of Oracle E-Business Suite (subcomponent: Password Reset). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iRecruitment. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle iRecruitment. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

N/A

N/A

Oracle E-Business Suite iRecruitment组件访问控制错误漏洞

Oracle E-Business Suite（电子商务套件）是美国甲骨文（Oracle）公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。iRecruitment是其中的一个全周期招聘解决方案组件。 Oracle E-Business Suite 12.1.1版本至12.1.3版本和12.2.3版本至12.2.8版本中的iRecruitment组件的Password Reset子组件存在安全漏洞。攻击者可利用该漏洞造成拒绝服务，影响数据的可用性。

N/A

N/A