What is the severity of CVE-2021-2219?

CVE-2021-2219 is rated as a high severity vulnerability due to the potential for exploitation by low privileged attackers with network access.

How do I fix CVE-2021-2219?

To fix CVE-2021-2219, it is recommended to apply the latest patches provided by Oracle for affected versions 8.56, 8.57, and 8.58 of PeopleSoft Enterprise PeopleTools.

Who is affected by CVE-2021-2219?

CVE-2021-2219 affects users of Oracle PeopleSoft Enterprise PeopleTools versions 8.56, 8.57, and 8.58.

Can CVE-2021-2219 be exploited remotely?

Yes, CVE-2021-2219 can be easily exploited remotely by low privileged attackers via HTTP network access.

What component of PeopleSoft is impacted by CVE-2021-2219?

CVE-2021-2219 impacts the SQR component of the PeopleSoft Enterprise PeopleTools product.

Vulnerability/
CVE-2021-2219

high

7.4

22/4/2021

26/9/2024

CVE-2021-2219

First published: Thu Apr 22 2021(Updated: )

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: SQR). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle Peoplesoft Enterprise Campus Software Campus Community	=8.56
Oracle Peoplesoft Enterprise Campus Software Campus Community	=8.57
Oracle Peoplesoft Enterprise Campus Software Campus Community	=8.58

Remedy

https://www.oracle.com/security-alerts/cpuapr2021.html

Never miss a vulnerability like this again

Reference Links

https://www.oracle.com/security-alerts/cpuapr2021.html

Frequently Asked Questions

What is the severity of CVE-2021-2219?
CVE-2021-2219 is rated as a high severity vulnerability due to the potential for exploitation by low privileged attackers with network access.
How do I fix CVE-2021-2219?
To fix CVE-2021-2219, it is recommended to apply the latest patches provided by Oracle for affected versions 8.56, 8.57, and 8.58 of PeopleSoft Enterprise PeopleTools.
Who is affected by CVE-2021-2219?
CVE-2021-2219 affects users of Oracle PeopleSoft Enterprise PeopleTools versions 8.56, 8.57, and 8.58.
Can CVE-2021-2219 be exploited remotely?
Yes, CVE-2021-2219 can be easily exploited remotely by low privileged attackers via HTTP network access.
What component of PeopleSoft is impacted by CVE-2021-2219?
CVE-2021-2219 impacts the SQR component of the PeopleSoft Enterprise PeopleTools product.

agent/type
agent/references
agent/severity
agent/author
agent/remedy
agent/first-publish-date
agent/event
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/oracle
canonical/oracle peoplesoft enterprise campus software campus community
version/oracle peoplesoft enterprise campus software campus community/8.56
version/oracle peoplesoft enterprise campus software campus community/8.57
version/oracle peoplesoft enterprise campus software campus community/8.58