N/A

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Navigation Pages, Portal, Query). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

N/A

Oracle PeopleSoft Products产品输入验证错误漏洞

Oracle PeopleSoft Products是美国甲骨文（Oracle）公司的一套企业人力资本管理解决方案。该产品提供了人力资本管理、财务管理、供应商关系管理等功能。 Oracle PeopleSoft Products存在安全漏洞，该漏洞允许未经身份验证的攻击者通过 HTTP 访问网络来破坏 PeopleSoft Enterprise PeopleTools。成功攻击此漏洞可能导致对部分 PeopleSoft Enterprise PeopleTools 可访问数据的未经授权的更新、插入或删除访

N/A

N/A