CVE-2019-2594

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise PT PeopleTools versions 8.55 through 8.57

Description The issue is related to inadequate access control in the Application Server subcomponent of PeopleSoft Enterprise PT PeopleTools, part of Oracle PeopleSoft Products. This allows a remote attacker to potentially modify, add, or delete data using the HTTP protocol. The vulnerability can be exploited by a low-privileged attacker with network access, potentially leading to unauthorized access to critical data or all accessible data within PeopleSoft Enterprise PT PeopleTools.

Recommendations For versions 8.55 through 8.57, update to a version that includes the fix for this issue to prevent unauthorized access and data modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.