CVE-2021-2455

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise HCM Shared Components version 9.2

Description The issue is related to insufficient input validation in the Person Search component. It allows a high-privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Shared Components. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all accessible data, as well as unauthorized access to critical data.

Recommendations For version 9.2, update to a version that includes the fix for this issue, as the current version is easily exploitable and can lead to significant data compromise. At the moment, there is no information about a newer version that contains a fix for this vulnerability.