{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T04:33:16.357","vulnerabilities":[{"cve":{"id":"CVE-2025-30716","sourceIdentifier":"secalert_us@oracle.com","published":"2025-04-15T21:16:01.193","lastModified":"2025-04-21T19:55:07.253","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework).  Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Common Applications accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N)."},{"lang":"es","value":"Vulnerabilidad en Oracle Common Applications de Oracle E-Business Suite (componente: CRM User Management Framework). Las versiones compatibles afectadas son la 12.2.3-12.2.14. Esta vulnerabilidad, fácilmente explotable, permite a un atacante no autenticado con acceso a la red vía HTTP comprometer Oracle Common Applications. Los ataques con éxito de esta vulnerabilidad pueden resultar en el acceso no autorizado a datos críticos o en el acceso completo a todos los datos accesibles de Oracle Common Applications. Puntuación base de CVSS 3.1: 7.5 (Afecta a la confidencialidad). Vector CVSS: (CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:common_applications:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.14","matchCriteriaId":"0A728EDA-EBBF-4480-951E-0B0A10D049D2"}]}]}],"references":[{"url":"https:\/\/www.oracle.com\/security-alerts\/cpuapr2025.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}}]}