{"id":59560,"date":"2025-07-22T10:34:26","date_gmt":"2025-07-22T10:34:26","guid":{"rendered":""},"modified":"2025-10-20T15:23:16","modified_gmt":"2025-10-20T21:23:16","slug":"cve-2025-50105-critical-vulnerability-in-oracle-universal-work-queue-allowing-unauthorized-data-access","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-50105-critical-vulnerability-in-oracle-universal-work-queue-allowing-unauthorized-data-access\/","title":{"rendered":"CVE-2025-50105: Critical Vulnerability in Oracle Universal Work Queue Allowing Unauthorized Data Access<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cyber world is constantly plagued by vulnerabilities that could potentially lead to significant security breaches. One such recent discovery is the CVE-2025-50105, a vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite. The affected versions are from 12.2.3 to 12.2.14.
\nThe vulnerability matters significantly due to its high severity and potential<\/a> impact. It allows a low privileged attacker with network access<\/a> via HTTP to compromise Oracle Universal Work Queue. Successful exploitation can lead to unauthorized<\/a> creation, deletion, or modification access to critical data, making it a significant concern for businesses relying on Oracle E-Business Suite.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-50105
\nSeverity: High (8.1 CVSS Score)
\nAttack Vector: Network via HTTP
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: Unauthorized creation, deletion, or modification access to critical data or complete access to Oracle<\/a> Universal Work Queue accessible data.<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n