Level 36
Two critical security vulnerabilities discovered in Oracle's E-Business Suite (EBS) could allow potential attackers to take full control over a company's entire enterprise resource planning (ERP) solution.

"Over 21,000 global organizations use Oracle EBS for financial management, customer relationship management (CRM), supply chain management (SCM), human capital management (HCM), logistics, procurement and more," according to Onapsis Research Labs.

Onapsis reported the issues to the Oracle Security Response Team in December 2018 and helped fix the vulnerabilities, with patches released as part of Oracle's April 2019 Critical Patch Update Advisory.