CVE-2022-21587
Oracle E-Business Suite Unspecified Vulnerability
CVSS
—
No CVSS
EPSS
98.3%
p100
KEV
YES
Feb 2, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
98.3%EPSS · 30 days98.3%
2026-06-302026-07-16
Product
Oracle / E-Business Suite
Vulnerability
Oracle E-Business Suite Unspecified Vulnerability
Added to KEV
Feb 2, 2023
Remediate by
Feb 23, 2023
Known ransomware use
Yes
Summary description
Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.
Required action
Apply updates per vendor instructions.
Notes
https://www.oracle.com/security-alerts/cpuoct2022.html; https://nvd.nist.gov/vuln/detail/CVE-2022-21587
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-61882—100.0%
KEV—80Oracle E-Business Suite Unspecified Vulnerability—CVE-2025-61884—99.9%
KEV—80Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability—CVE-2026-468179.8 CRI60.3%
KEV—68Oracle E-Business Suite Improper Privilege Management Vulnerability18h