CVE-2019-2700

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise ELM version 9.2

Description The issue is related to inadequate access control in the Enterprise Learning Mgmt component of PeopleSoft Enterprise ELM. This can be exploited by a remote attacker to gain unauthorized access to protected information using the HTTP protocol. Successful attacks may result in unauthorized update, insert, or delete access to some accessible data.

Recommendations For version 9.2, apply the necessary security patches to fix the inadequate access control issue. As a temporary workaround, consider restricting access to the Enterprise Learning Mgmt component until a patch is available.