Cyber Resilience

CVE-2025-50105

High

Published: 15 July 2025

Published
15 July 2025
Modified
24 July 2025
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.0040 60.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-50105 is a high-severity Improper Access Control (CWE-284) vulnerability in Oracle Universal Work Queue. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 39.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-50105 is a vulnerability in the Oracle Universal Work Queue product, which is part of Oracle E-Business Suite, specifically affecting the Work Provider Administration component. Supported versions impacted by this issue range from 12.2.3 to 12.2.14. The vulnerability is easily exploitable and has a CVSS 3.1 Base Score of 8.1, with impacts on confidentiality and integrity but not availability. The CVSS vector is (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N), and it is associated with CWE-284 (Improper Access Control).

A low privileged attacker with network access via HTTP can exploit this vulnerability to compromise Oracle Universal Work Queue. Successful exploitation enables unauthorized creation, deletion, or modification of critical data or all data accessible by Oracle Universal Work Queue, as well as unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data.

Oracle's Critical Patch Update for July 2025, detailed at https://www.oracle.com/security-alerts/cpujul2025.html, provides information on patches and mitigation steps for this vulnerability.

EU & UK References

Vulnerability details

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work…

more

Queue. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Universal Work Queue accessible data as well as unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct network-exploitable improper access control in a public-facing Oracle E-Business Suite web component enabling unauthorized data access and modification.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-46824Same product: Oracle Universal Work Queue
CVE-2026-46839Same vendor: Oracle
CVE-2026-34291Same vendor: Oracle
CVE-2026-46822Same vendor: Oracle
CVE-2026-22010Same vendor: Oracle
CVE-2026-21962Same vendor: Oracle
CVE-2026-35229Same vendor: Oracle
CVE-2026-21997Same vendor: Oracle
CVE-2026-46821Same vendor: Oracle
CVE-2025-50060Same vendor: Oracle

Affected Assets

oracle
universal work queue
12.2.3 — 12.2.14

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces approved authorizations for logical access, directly preventing unauthorized creation, deletion, modification, and access to critical data due to improper access control in the Work Provider Administration component.

prevent

Requires timely identification, reporting, and correction of the specific flaw via Oracle's Critical Patch Update, comprehensively mitigating the vulnerability.

prevent

Limits damage from low-privileged attackers by ensuring only minimal authorized accesses necessary for tasks, reducing exploitation impact on critical data.

References