PT-2025-42962 · Oracle · Peoplesoft Enterprise Peopletools+1
Published
2025-10-21
·
Updated
2025-10-21
·
CVE-2025-53065
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle PeopleSoft versions 8.60 through 8.62
Description
An easily exploitable issue exists in the PeopleSoft Enterprise PeopleTools product, specifically within the PIA Core Technology component. An unauthenticated attacker with network access via HTTP can compromise PeopleSoft Enterprise PeopleTools. Successful exploitation requires interaction from a user other than the attacker and can lead to unauthorized data modification, insertion, deletion, or reading of accessible data.
Recommendations
Update PeopleSoft Enterprise PeopleTools version 8.60 to a later version.
Update PeopleSoft Enterprise PeopleTools version 8.61 to a later version.
Update PeopleSoft Enterprise PeopleTools version 8.62 to a later version.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pia Core Technology
Peoplesoft Enterprise Peopletools