Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15…

Critical vulnerability in Oracle Payments component of Oracle E-Business Suite affecting File Transmission functionality. Affects versions 12.2.3-12.2.15. Allows unauthenticated attackers with network access via HTTP to completely compromise Oracle Payments. CVSS score of 9.8 indicates maximum impact on confidentiality, integrity, and availability. The vulnerability is easily exploitable and can result in complete system takeover. No user interaction required for exploitation. Attack vector is network-based with low attack complexity.