CVE-2026-46922 (HIGH), CNA: oracle

CVE-2026-46922: Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations)

Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HR Intelligence. Successful attacks of this vulnerability can result in takeover of Oracle HR Intelligence. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Metrics

CVSS v3.1: 7.2
Severity: HIGH
Fixed in: none published
Affected Products: 1


HarborGuard Analysis

Synopsis

A high-severity vulnerability exists in the Internal Operations component of Oracle HR Intelligence, part of Oracle E-Business Suite versions 12.2.3 through 12.2.15. The flaw is reachable over the network via HTTP and requires a high-privileged account to exploit, with no victim interaction needed. Successful exploitation gives an attacker full control over the Oracle HR Intelligence instance, impacting confidentiality, integrity, and availability. No fix version has been published; HarborGuard tracks the advisory and will make a patched rebuild available as soon as Oracle ships an upstream fix.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: CVE-2026-46922 is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images derived from Oracle E-Business Suite base layers. Any image containing Oracle HR Intelligence versions 12.2.3 through 12.2.15 is flagged automatically.

Status: Available

Triage

HarborGuard scores this CVE at 7.2 HIGH using the CVSS 3.1 base score and weights findings against each customer environment's compliance policy to prioritize accordingly. Findings are routed to the appropriate team inbox within each customer organization based on configured ownership rules.

Status: Available

Patch

Because no upstream fix has been published for CVE-2026-46922, HarborGuard re-checks the Oracle advisory on every ingest cycle and will make a patched-image rebuild available the moment Oracle releases a corrected version. In the interim, customers can apply compensating controls through HarborGuard's network policy recommendations described below.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the Oracle HR Intelligence service over the network via HTTP; there is no local or physical access requirement.

  • Authentication: Required

    A high-privileged account (such as an administrative or privileged application user) is required before the attack can proceed.

  • Victim interaction: Not required

    No user interaction is needed; the attacker can carry out the exploit entirely without involving another person.

  • Attack complexity: Detail

    Attack complexity is low, meaning the exploit is reliable and requires no special preconditions, race conditions, or environmental setup.

Blast Radius

  • A successful attacker can read all data held by Oracle HR Intelligence, including employee records, compensation data, and HR operational data.
  • The attacker can modify or delete persisted HR records, corrupting data integrity across the affected E-Business Suite instance.
  • The attacker can crash or render the Oracle HR Intelligence service unavailable, disrupting HR operations for all users of the instance.
  • The combined confidentiality, integrity, and availability impact constitutes a full takeover of the affected component.

How HarborGuard Handles This

Available on HarborGuard: CVE-2026-46922 is actively monitored with no upstream fix currently published by Oracle. HarborGuard re-evaluates the advisory on every ingest cycle and will trigger a patched-image rebuild automatically the moment Oracle publishes a corrected version; customers with auto-remediation enabled will receive the rebuild, a regression-test run, and a PR opened against affected workloads without manual intervention.

While no patch is available, compensating controls are recommended:

  • Apply network-policy isolation to restrict HTTP access to the Oracle HR Intelligence component to only known, trusted IP ranges.
  • Enforce egress filtering on containers running the affected versions to limit lateral movement if a compromise occurs.
  • Review whether administrative accounts with access to the Internal Operations component can be further restricted or monitored via privileged access management tooling.

HarborGuard will surface a notification to affected environments as soon as patch availability changes.

Affected packages
  • Oracle Corporation / Oracle HR Intelligence
    ≤ 12.2.15
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H