Remote Authenticated Vulnerability in Oracle PeopleSoft Enterprise HCM
CVE-2016-8295

4.3MEDIUM

Key Information:

Vendor

Oracle
Status
Peoplesoft Enterprise Human Capital Management Time And Labor
Vendor
CVE Published:
25 October 2016

What is CVE-2016-8295?

An unspecified vulnerability exists within the Oracle PeopleSoft Enterprise HCM component that permits remote authenticated users to compromise system confidentiality. This flaw can be exploited through various unknown vectors, potentially leading to unauthorized access to sensitive information.

References

http://www.securityfocus.com/bid/93712
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037046
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.