First published: Wed Oct 16 2019(Updated: )
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: US Federal Specific). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Peoplesoft Enterprise Human Capital Management Human Resources | =9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-2951.
The severity of CVE-2019-2951 is medium with a severity value of 4.3.
The PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft version 9.2 is affected by CVE-2019-2951.
An attacker with low privileges and network access via HTTP can easily exploit CVE-2019-2951.
More information about CVE-2019-2951 can be found at the following reference link: [http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html](http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html)