CVE-2020-2859

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise PeopleTools versions 8.56 through 8.58

Description The issue is related to insufficient access controls in the nVision component of Oracle PeopleSoft Enterprise PeopleTools. It can be exploited by a remote attacker to cause a denial of service via the HTTP protocol. Successful attacks can result in the ability to cause the application to hang or crash repeatedly, leading to a complete denial of service.

Recommendations For versions 8.56 through 8.58, apply the necessary patches or updates to fix the insufficient access controls issue in the nVision component. At the moment, there is no information about a newer version that contains a fix for this vulnerability.