216.73.216.6

CVE-2026-34275

· Published 21/04/2026 21:16 · Modified 22/04/2026 21:24

Labels: CVE-2026-34275 2026-04-21CVE-2026-34275CWE-306[email protected]

Essential information

Published
21/04/2026 21:16
Modified
22/04/2026 21:24
Author
Creator
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: Setup and Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Inbound Telephony. Successful attacks of this vulnerability can result in takeover of Oracle Advanced Inbound Telephony. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
oracle / oracle e-business suite cpe:2.3:a:oracle:oracle_e-business_suite:12.2.3-12.2.15:*:*:*:*:*:*:*
oracle / advanced inbound telephony cpe:2.3:a:oracle:advanced_inbound_telephony:12.2.3-12.2.15:*:*:*:*:*:*:*

References