Oracle PeopleSoft Enterprise PeopleTools 8.56/8.57/8.58 Multichannel Framework vulnerabilità sconosciuta

In Oracle PeopleSoft Enterprise PeopleTools 8.56/8.57/8.58 (Enterprise Resource Planning Software) stata rilevata una vulnerabilità di livello critico. Interessato da questa vulnerabilità è una funzione sconosciuta del componente Multichannel Framework. L'aggiornamento elimina questa vulnerabilità. Una possibile soluzione è stata pubblicata immediatamente dopo la pubblicazione della vulnerabilità.

Sequenza temporale

Utente

130
022

Campo

vulnerability_cvss3_meta_tempscore2
vulnerability_cvss3_vuldb_tempscore2
vulnerability_cvss2_vuldb_tempscore2
vulnerability_cvss2_nvd_basescore1
source_cve_cna1

Commit Conf

90%33
50%10
70%9

Approve Conf

90%33
80%10
70%9
IDImpegnatoUtenteCampoModificareOsservazioniAccettatoMotivoC
1118338526/04/2021VulD...cvss2_nvd_basescore5.8nist.gov26/04/2021accettato
90
1118338426/04/2021VulD...cve_cnaOraclenvd.nist.gov26/04/2021accettato
70
1118338326/04/2021VulD...cvss2_nvd_aiNnvd.nist.gov26/04/2021accettato
70
1118338226/04/2021VulD...cvss2_nvd_iiPnvd.nist.gov26/04/2021accettato
70
1118338126/04/2021VulD...cvss2_nvd_ciPnvd.nist.gov26/04/2021accettato
70
1118338026/04/2021VulD...cvss2_nvd_auNnvd.nist.gov26/04/2021accettato
70
1118337926/04/2021VulD...cvss2_nvd_acMnvd.nist.gov26/04/2021accettato
70
1118337826/04/2021VulD...cvss2_nvd_avNnvd.nist.gov26/04/2021accettato
70
1118337726/04/2021VulD...cvss3_meta_tempscore5.8see CVSS documentation26/04/2021accettato
90
1118337626/04/2021VulD...cvss3_vuldb_tempscore5.8see CVSS documentation26/04/2021accettato
90
1118337526/04/2021VulD...cvss2_vuldb_tempscore5.6see CVSS documentation26/04/2021accettato
90
1118337426/04/2021VulD...cve_nvd_summaryVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Multichannel Framework). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).cve.mitre.org26/04/2021accettato
70
1118337326/04/2021VulD...cve_assigned1607468400 (09/12/2020)cve.mitre.org26/04/2021accettato
70
1116924223/04/2021VulD...price_0day$5k-$25ksee exploit price documentation23/04/2021accettato
90
1116924123/04/2021VulD...cvss3_meta_tempscore6.1see CVSS documentation23/04/2021accettato
90
1116924023/04/2021VulD...cvss3_meta_basescore6.1see CVSS documentation23/04/2021accettato
90
1116923923/04/2021VulD...cvss3_vuldb_tempscore6.1see CVSS documentation23/04/2021accettato
90
1116923823/04/2021VulD...cvss3_vuldb_basescore6.1see CVSS documentation23/04/2021accettato
90
1116923723/04/2021VulD...cvss2_vuldb_tempscore6.4see CVSS documentation23/04/2021accettato
90
1116923623/04/2021VulD...cvss2_vuldb_basescore6.4see CVSS documentation23/04/2021accettato
90

32 non vengono visualizzate più voci

Do you want to use VulDB in your project?

Use the official API to access entries easily!