Vulnerability in PeopleSoft PRTL Interaction Hub by Oracle
CVE-2017-10057

5.4MEDIUM

Key Information:

Vendor
Oracle
Status
Peoplesoft Enterprise Prtl Interaction Hub
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability exists in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products, specifically within the Discussion Forum subcomponent. This vulnerability allows a low-privileged attacker with network access to compromise the PRTL Interaction Hub, requiring human interaction from a victim to exploit. Successful exploitation can lead to unauthorized modifications, including insertion, deletion, and reading of sensitive data within the hub. While primarily affecting the Interaction Hub, the impacts of an attack may extend to other associated products, emphasizing the need for vigilance in safeguarding data integrity.

Affected Version(s)

PeopleSoft Enterprise PRTL Interaction Hub 9.1.0

References

http://www.securitytracker.com/id/1038932
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99798
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.