What is the severity of CVE-2017-3547?

CVE-2017-3547 is considered an easily exploitable vulnerability that can be compromised by unauthenticated attackers with network access via HTTP.

How do I fix CVE-2017-3547?

To fix CVE-2017-3547, you should apply the latest patches and updates provided by Oracle for your PeopleSoft Enterprise PeopleTools version.

Which versions are affected by CVE-2017-3547?

CVE-2017-3547 affects PeopleSoft Enterprise PeopleTools versions 8.54 and 8.55.

Who can exploit CVE-2017-3547?

CVE-2017-3547 can be exploited by any unauthenticated attacker who has network access to the affected application.

What is the impact of CVE-2017-3547?

The impact of CVE-2017-3547 can result in unauthorized access and potential compromise of sensitive information within the affected PeopleSoft application.

Vulnerability/
CVE-2017-3547

high

7.4

CWE

24/4/2017

7/10/2024

CVE-2017-3547

First published: Mon Apr 24 2017(Updated: )

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 7.4 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N).

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle Peoplesoft Enterprise Campus Software Campus Community	=8.54
Oracle Peoplesoft Enterprise Campus Software Campus Community	=8.55

Remedy

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-3547?
CVE-2017-3547 is considered an easily exploitable vulnerability that can be compromised by unauthenticated attackers with network access via HTTP.
How do I fix CVE-2017-3547?
To fix CVE-2017-3547, you should apply the latest patches and updates provided by Oracle for your PeopleSoft Enterprise PeopleTools version.
Which versions are affected by CVE-2017-3547?
CVE-2017-3547 affects PeopleSoft Enterprise PeopleTools versions 8.54 and 8.55.
Who can exploit CVE-2017-3547?
CVE-2017-3547 can be exploited by any unauthenticated attacker who has network access to the affected application.
What is the impact of CVE-2017-3547?
The impact of CVE-2017-3547 can result in unauthorized access and potential compromise of sensitive information within the affected PeopleSoft application.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/remedy
agent/first-publish-date
agent/event
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/oracle
canonical/oracle peoplesoft enterprise campus software campus community
version/oracle peoplesoft enterprise campus software campus community/8.54
version/oracle peoplesoft enterprise campus software campus community/8.55