CVE Vulnerabilities

CVE-2023-21916

Published: Apr 18, 2023 | Modified: Apr 19, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Web Server). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Affected Software

Name Vendor Start Version End Version
Peoplesoft_enterprise_peopletools Oracle 8.58 (including) 8.58 (including)
Peoplesoft_enterprise_peopletools Oracle 8.59 (including) 8.59 (including)
Peoplesoft_enterprise_peopletools Oracle 8.60 (including) 8.60 (including)

References