Oracle PeopleSoft Enterprise SCM eProcurement 9.2 Manage Requisition Status ثغرات غير معروفة

مجال23/04/2021 06:4026/04/2021 14:0826/04/2021 14:09
vendorOracleOracleOracle
namePeopleSoft Enterprise SCM eProcurementPeopleSoft Enterprise SCM eProcurementPeopleSoft Enterprise SCM eProcurement
cveCVE-2021-2220CVE-2021-2220CVE-2021-2220
componentManage Requisition StatusManage Requisition StatusManage Requisition Status
risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aNNN
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
version9.29.29.2
urlhttps://www.oracle.com/security-alerts/cpuapr2021.htmlhttps://www.oracle.com/security-alerts/cpuapr2021.htmlhttps://www.oracle.com/security-alerts/cpuapr2021.html
date1618956000 (21/04/2021)1618956000 (21/04/2021)1618956000 (21/04/2021)
date1618956000 (21/04/2021)1618956000 (21/04/2021)1618956000 (21/04/2021)
identifierOracle Critical Patch Update Advisory - April 2021Oracle Critical Patch Update Advisory - April 2021Oracle Critical Patch Update Advisory - April 2021
nameUpgradeUpgradeUpgrade
typeEnterprise Resource Planning SoftwareEnterprise Resource Planning SoftwareEnterprise Resource Planning Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore5.55.55.5
cvss2_vuldb_tempscore5.54.84.8
cvss3_vuldb_basescore5.45.45.4
cvss3_vuldb_tempscore5.45.25.2
cvss3_meta_basescore5.45.45.4
cvss3_meta_tempscore5.45.25.2
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1607468400 (09/12/2020)1607468400 (09/12/2020)
cve_nvd_summaryVulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM eProcurement. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise SCM eProcurement accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise SCM eProcurement accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM eProcurement. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise SCM eProcurement accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise SCM eProcurement accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).
cve_cnaOracle

Do you know our Splunk app?

Download it now for free!