First published: Tue Oct 18 2022(Updated: )
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle PeopleSoft Enterprise | =8.58 | |
Oracle PeopleSoft Enterprise | =8.59 | |
Oracle PeopleSoft Enterprise | =8.60 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Oracle PeopleSoft vulnerability is CVE-2022-21602.
The affected software for this vulnerability is Oracle PeopleSoft Enterprise versions 8.58, 8.59, and 8.60.
The severity of CVE-2022-21602 is medium with a score of 5.3 out of 10.
An unauthenticated attacker with network access via HTTP can exploit this vulnerability to compromise PeopleSoft Enterprise.
Yes, you can find more information about this vulnerability at [Oracle Security Alerts - CPU October 2022](https://www.oracle.com/security-alerts/cpuoct2022.html).