Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager.