Summaryinfo

A vulnerability classified as critical has been found in Oracle PeopleSoft Enterprise PeopleTools 8.58/8.59/8.60. Affected is an unknown function of the component Security. This manipulation causes denial of service. This vulnerability is tracked as CVE-2022-45685. The attack is possible to be carried out remotely. No exploit exists.

Detailsinfo

A vulnerability has been found in Oracle PeopleSoft Enterprise PeopleTools 8.58/8.59/8.60 (Enterprise Resource Planning Software) and classified as critical. Affected by this vulnerability is some unknown processing of the component Security. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability.

The weakness was disclosed 04/18/2023 as Oracle Critical Patch Update Advisory - April 2023. It is possible to read the advisory at oracle.com. This vulnerability is known as CVE-2022-45685. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1499 according to MITRE ATT&CK.

A possible mitigation has been published immediately after the disclosure of the vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Enterprise Resource Planning Software

Vendor

• Oracle

Name

• PeopleSoft Enterprise PeopleTools

Version

• 8.58
• 8.59
• 8.60

License

• commercial

Website

• Vendor: https://www.oracle.com

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion