Unrated severityNVD Advisory· Published Oct 14, 2010· Updated Apr 29, 2026

CVE-2010-2404

Description

Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect integrity via unknown vectors related to Account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Oracle iRecruitment in E-Business Suite 11.5.10.2, 12.0.6, 12.1.2 has an unspecified integrity flaw exploitable by authenticated remote users via unknown vectors related to Account.

Vulnerability

An unspecified vulnerability exists in the Oracle iRecruitment component of Oracle E-Business Suite, affecting versions 11.5.10.2, 12.0.6, and 12.1.2 per the October 2010 Critical Patch Update [1]. The flaw is triggered through unknown vectors related to Account, with no further technical details disclosed in available references [1].

Exploitation

A remote attacker with valid authentication to the affected Oracle E-Business Suite instance can exploit this vulnerability via unknown vectors related to Account [1]. No additional access or special conditions beyond user authentication are specified in the sources.

Impact

Successful exploitation compromises the integrity of the Oracle iRecruitment component; confidentiality and availability are not affected [1]. The attacker may be able to modify data or system behavior within the iRecruitment module, but the exact scope is undisclosed.

Mitigation

Oracle released fixes as part of the October 2010 Critical Patch Update (CPUOct2010). Details are available in the Oracle Critical Patch Update Advisory [1]. Affected users should apply the appropriate patches from Oracle for their E-Business Suite version (11.5.10.2, 12.0.6, or 12.1.2). If patching is not immediately possible, network access controls and strict authentication management are recommended until the patch can be applied.

References

Oracle Updates for Multiple Vulnerabilities | CISA

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Oracle Corporation/E Business Suite3 versions
cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.1.2:*:*:*:*:*:*:*
Oracle Corporation/Oracle iRecruitmentllm-fuzzy
Range: = 11.5.10.2, 12.0.6, 12.1.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/cas/techalerts/TA10-287A.htmlnvdUS Government Resource
www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000