Vulnerability in Oracle PeopleSoft Products 9.1 and 9.2 eProcurement Module
CVE-2016-5467

5.4MEDIUM

Key Information:

Vendor

Oracle
Status
Peoplesoft Enterprise Scm Eprocurement
Vendor
CVE Published:
21 July 2016

What is CVE-2016-5467?

An unspecified vulnerability within the eProcurement component of PeopleSoft Enterprise FSCM affects Oracle PeopleSoft Products 9.1 and 9.2. This weakness allows remote authenticated users to compromise both confidentiality and integrity of sensitive data, thereby posing significant risk to organizations utilizing these products.

References

http://www.securitytracker.com/id/1036404
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-5467 : Vulnerability in Oracle PeopleSoft Products 9.1 and 9.2 eProcurement Module