CVE-2018-3301 in PeopleSoft Enterprise PeopleToolsinfo

Zusammenfassung

von MITRE

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

15.12.2017

Veröffentlichung

16.10.2018

Moderieren

akzeptiert

Eintrag

VDB-125577

CPE

bereit

EPSS

0.00463

KEV

nein

Aktivitäten

very low

Sektor

Hospital, Telecommunication, ...

Quellen

MITREhttps://www.cve.org/CVERecord?id=CVE-2018-3301
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2018-3301
CVE Detailshttps://www.cvedetails.com/cve/CVE-2018-3301/

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!