CVE-2026-46823 - Oracle Public Sector Financials (International) Unauthorized Data Access
CVE-2026-46823 is an easily exploitable vulnerability in Oracle Public Sector Financials (International) versions 12.2.6-12.2.15, allowing a low-privileged attacker with network access via HTTPS to gain unauthorized access to critical data or complete access to all accessible data, potentially impacting additional products.
CVE-2026-46823 is a vulnerability affecting the Authorization component of Oracle Public Sector Financials (International) within Oracle E-Business Suite. The vulnerability impacts versions 12.2.6 through 12.2.15. A low-privileged attacker with network access via HTTPS can exploit this vulnerability to gain unauthorized access to sensitive data. While the vulnerability resides in Oracle Public Sector Financials (International), successful exploitation may significantly impact other Oracle products. This can lead to unauthorized access to critical data or complete access to all Oracle Public Sector Financials (International) accessible data.
Attack Chain
- Attacker gains network access to the target Oracle E-Business Suite instance via HTTPS.
- Attacker authenticates to the Oracle E-Business Suite with low-privileged credentials.
- Attacker crafts a malicious HTTPS request targeting the vulnerable Authorization component within Oracle Public Sector Financials (International).
- The crafted request bypasses authorization checks due to the vulnerability in the Authorization component.
- The application processes the malicious request without proper authorization, allowing the attacker to access restricted data.
- Attacker gains unauthorized read access to sensitive data within Oracle Public Sector Financials (International).
- The attacker may leverage this initial access to pivot and compromise other related Oracle products due to the scope change impact.
- Attacker exfiltrates sensitive data or uses the unauthorized access to perform other malicious activities within the compromised system.
Impact
Successful exploitation of CVE-2026-46823 can result in unauthorized access to critical data or complete access to all data accessible within Oracle Public Sector Financials (International). While the vulnerability exists within this specific component, the impact may extend to other Oracle products integrated with the E-Business Suite. This could lead to a significant breach of confidentiality, potentially exposing financial records, sensitive government data, or other confidential information.
Recommendation
- Apply the Oracle patch for CVE-2026-46823 to remediate the vulnerability in Oracle Public Sector Financials (International).
- Deploy the Sigma rule “Detect CVE-2026-46823 Exploitation Attempt - Malicious URI Access” to monitor for exploitation attempts targeting the vulnerable component.
- Review and restrict network access to the Oracle E-Business Suite instance, limiting access to authorized users and systems to mitigate the risk of unauthorized access.
Detection coverage
Detect CVE-2026-46823 Exploitation Attempt - Malicious URI Access
Severity: medium. Detects CVE-2026-46823 exploitation attempt - suspicious URI access to Oracle Public Sector Financials (International).