PT-2017-11339 · Oracle · Peoplesoft Enterprise Peopletools
Publicado
2017-10-19
·
Atualizado
2019-10-03
·
CVE-2017-10362
CVSS v3.1
7.2
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Oracle PeopleSoft Products version 8.54
Oracle PeopleSoft Products version 8.55
Oracle PeopleSoft Products version 8.56
Description
The issue allows an unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools, potentially impacting additional products. Successful attacks can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service of PeopleSoft Enterprise PeopleTools.
Recommendations
For version 8.54, update to a fixed version to mitigate the risk.
For version 8.55, update to a fixed version to mitigate the risk.
For version 8.56, update to a fixed version to mitigate the risk.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Peoplesoft Enterprise Peopletools