CVE-2025-30720
📋 TL;DR
This vulnerability in Oracle Configurator allows an unauthenticated attacker with network access via HTTP to compromise the Configurator component. It requires human interaction (for example, a user following a crafted link) and can lead to unauthorized update, insert or delete access to some Configurator data together with unauthorized read access to a subset of it. Affects Oracle E-Business Suite Configurator versions 12.2.3 through 12.2.14.
💻 Affected Systems
- Oracle E-Business Suite Configurator
📦 What is this software?
Oracle Configurator is the Oracle E-Business Suite module that provides a browser-based interface for selecting and validating the options of configurable products and services. Because end users reach it over HTTP, it is exposed to the link-based attack pattern this CVE describes.
⚠️ Risk & Real-World Impact
Worst Case
Attacker gains unauthorized update/insert/delete access to some Oracle Configurator data and reads a subset of sensitive information. The S:C (scope changed) component of the CVSS vector means the impact can extend beyond the Configurator component itself to other components the victim's session reaches.
Likely Case
Attacker tricks user into interacting with malicious content, leading to data manipulation within Oracle Configurator and limited data exposure.
If Mitigated
With proper network segmentation and user awareness, impact is limited to isolated Configurator component with minimal data exposure.
🎯 Exploit Status
Exploitation requires human interaction (UI:R in the CVSS vector): network access alone is not enough, the victim must perform an action such as following a crafted link. This makes fully automated mass exploitation less likely, but the vulnerability remains dangerous when delivered through phishing, and because the resulting request is issued by the victim's own browser, source-address filtering alone does not stop it.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Apply the patches listed for Oracle E-Business Suite in the Oracle Critical Patch Update of April 2025
Vendor Advisory: https://www.oracle.com/security-alerts/cpuapr2025.html
Restart Required: Yes
Instructions:
1. Download the patches for your release from Oracle Support.
2. Apply them to each affected Oracle E-Business Suite instance (on 12.2 this is done with the adop online patching utility).
3. Restart the affected services.
4. Test Configurator functionality.
🔧 Temporary Workarounds
Network Segmentation
Restrict HTTP access to Oracle Configurator to trusted networks only.
Use firewall rules to limit access to the Oracle E-Business Suite web-tier ports (typically 8000 and 443).
User Awareness Training
Educate users about phishing risks and about not following suspicious links, since the attack depends on user interaction.
🧯 If You Can't Patch
- Implement strict network access controls to limit exposure
- Monitor for unusual HTTP requests to Oracle Configurator endpoints
🔍 How to Verify
Check if Vulnerable:
An instance is vulnerable if the Configurator component is installed, the release is 12.2.3 through 12.2.14, and the April 2025 CPU patches have not been applied. Check component installation status via the Oracle Applications Manager console.
Check Version:
Check the Oracle E-Business Suite release via the application administration tools or via the database (for example, the release_name column of fnd_product_groups).
Verify Fix Applied:
The fix does not raise the 12.2.x release number, so do not rely on a version check. Confirm that the April 2025 CPU patches are recorded in the AD patch history (Patch Wizard in Oracle Applications Manager, or the ad_bugs table). OPatch reports only on the database and Fusion Middleware technology stack, not on E-Business Suite application patches.
📡 Detection & Monitoring
Log Indicators:
- Unusual HTTP requests to Oracle Configurator endpoints
- Unauthorized data modification attempts in audit logs
Network Indicators:
- Suspicious HTTP traffic patterns to Oracle E-Business Suite ports
SIEM Query:
Search for HTTP requests to Oracle Configurator paths from untrusted sources, requests whose query strings carry encoded markup or script, and Configurator requests arriving with a Referer outside your EBS hosts, and correlate them with data modification events. Because exploitation needs user interaction, the malicious request may come from a trusted user's browser, so source IP alone is not a sufficient filter.
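The following script is an added example (not Oracle's code and not part of the original advisory) that applies the three indicators above to web-tier access logs. It assumes Apache/OHS combined log format, that Configurator is served under the path prefix in CONFIGURATOR_PREFIXES, and that TRUSTED_NETS and TRUSTED_REFERER_HOSTS describe your environment; all three are placeholders to adjust. The log lines are constructed sample data.

```python
"""Triage EBS web-tier access logs for CVE-2025-30720-style activity.

Added example, not Oracle's code. Assumptions (adjust for your site):
  - logs are in Apache/OHS combined format;
  - Configurator is served under CONFIGURATOR_PREFIXES (placeholder path);
  - TRUSTED_NETS / TRUSTED_REFERER_HOSTS describe your own environment.
"""
import ipaddress
import re
from urllib.parse import unquote_plus, urlsplit

# Combined log format: ip ident user [ts] "METHOD target PROTO" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

CONFIGURATOR_PREFIXES = ("/OA_HTML/configurator/",)                 # assumption
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]                   # assumption
TRUSTED_REFERER_HOSTS = {"ebs.example.internal"}                      # assumption

# Markup/script indicators in a URL-decoded query string (tags, javascript: URIs, event handlers).
MARKUP_RE = re.compile(r"<\s*[a-z/!]|javascript:|\bon[a-z]+\s*=", re.IGNORECASE)

# Constructed sample lines: one benign, one from an untrusted network,
# one carrying encoded markup via an external referer, one outside Configurator.
SAMPLE_LOG = [
    '10.0.5.23 - - [16/Apr/2025:10:12:01 +0000] "GET /OA_HTML/configurator/UiServlet?config_id=42 HTTP/1.1" 200 5120 "https://ebs.example.internal/OA_HTML/OA.jsp" "Mozilla/5.0"',
    '203.0.113.9 - - [16/Apr/2025:10:13:45 +0000] "GET /OA_HTML/configurator/UiServlet?config_id=42 HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '10.0.5.31 - - [16/Apr/2025:10:15:02 +0000] "GET /OA_HTML/configurator/UiServlet?init=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 3100 "https://mail.example.com/inbox" "Mozilla/5.0"',
    '10.0.5.40 - - [16/Apr/2025:10:16:10 +0000] "GET /OA_HTML/AppsLogin HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]


def parse_line(line):
    """Parse one combined-format line; return a dict with decoded path/query, or None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = unquote_plus(parts.query)   # single decode; double-encoded payloads need a second pass
    return rec


def is_trusted_ip(ip):
    """True if the source address lies in one of the trusted networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)


def referer_is_external(referer):
    """True if the Referer names a host outside the EBS hosts (possible phishing entry point)."""
    if referer in ("", "-"):
        return False
    host = (urlsplit(referer).hostname or "").lower()
    return host not in TRUSTED_REFERER_HOSTS


def triage(lines):
    """Return (ip, path, reasons) for each Configurator request matching an indicator."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(CONFIGURATOR_PREFIXES):
            continue
        reasons = []
        if not is_trusted_ip(rec["ip"]):
            reasons.append("untrusted source")
        if MARKUP_RE.search(rec["query"]):
            reasons.append("markup in query")
        if referer_is_external(rec["referer"]):
            reasons.append("external referer")
        if reasons:
            findings.append((rec["ip"], rec["path"], reasons))
    return findings


if __name__ == "__main__":
    for ip, path, reasons in triage(SAMPLE_LOG):
        print(f"{ip} {path}: {', '.join(reasons)}")
```

The third sample line is the case the UI:R vector implies: the request comes from a trusted internal address, so only the decoded query string and the external Referer reveal it. Treat the markup pattern as a triage aid rather than a signature; legitimate Configurator parameters will not contain tags or event handlers, but the regex is deliberately broad and should be tuned against your own traffic.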