PT-2011-1565 · Oracle · Peoplesoft Enterprise Hcm

Published

2011-01-19

Updated

2017-08-17

CVE-2010-4461

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise HRMS versions 8.9 Bundle #23, 9.0 Bundle #14, 9.1 Bundle #4

Description The issue affects confidentiality and integrity, allowing remote authenticated users to exploit it via unknown vectors related to ePerformance.

Recommendations For versions 8.9 Bundle #23, 9.0 Bundle #14, and 9.1 Bundle #4, consider restricting access to the ePerformance component until a fix is available. As a temporary workaround, limit the functionality of ePerformance to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-4461

Affected Products

Peoplesoft Enterprise Hcm

PT-2011-1565 · Oracle · Peoplesoft Enterprise Hcm

CVE-2010-4461

Related Identifiers

Affected Products

References · 8