PT-2017-11343 · Oracle · Peoplesoft Enterprise Peopletools

Vahagn Vardanyan

Publicado

2017-10-19

Atualizado

2019-10-03

CVE-2017-10366

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise PT PeopleTools versions 8.54 through 8.56

Description The issue allows an unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools, potentially resulting in a takeover. The attacker can exploit this issue easily.

Recommendations For versions 8.54 through 8.56, update to a version that contains a fix for this issue to prevent exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-10366

Produtos afetados

Peoplesoft Enterprise Peopletools

PT-2017-11343 · Oracle · Peoplesoft Enterprise Peopletools

CVE-2017-10366

Identificadores relacionados

Produtos afetados

Referências · 7