Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data.

The vulnerability, tracked as CVE-2025-61884 , carries a CVSS score of 7.5, indicating high severity. It affects versions from 12.2.3 through 12.2.14.

"Easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator," according to a description of the flaw in the NIST's National Vulnerability Database (NVD). "Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data."

In a standalone alert, Oracle said the flaw is remotely exploitable without requiring

See Full Page