PT-2025-42958 · Oracle · Peoplesoft Enterprise Peopletools+1
Published
2025-10-21
·
Updated
2025-10-21
·
CVE-2025-53061
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle PeopleSoft versions 8.60 through 8.62
Description
A security issue exists within the PeopleSoft Enterprise PeopleTools product, specifically in the PIA Core Technology component. A high-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized data modification, insertion, or deletion, as well as unauthorized read access to certain data within PeopleSoft Enterprise PeopleTools. This could significantly impact additional products.
Recommendations
Update PeopleSoft Enterprise PeopleTools version 8.60 to a later version.
Update PeopleSoft Enterprise PeopleTools version 8.61 to a later version.
Update PeopleSoft Enterprise PeopleTools version 8.62 to a later version.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Peoplesoft
Peoplesoft Enterprise Peopletools