Vulnerability in Oracle PeopleSoft Products Staffing Front Office Component
CVE-2017-10164

4.3MEDIUM

Key Information:

Vendor

Oracle
Status
Peoplesoft Enterprise Fin Staffing Front Office
Vendor
CVE Published:
19 October 2017

What is CVE-2017-10164?

A vulnerability exists in the Staffing Front Office component of Oracle PeopleSoft Enterprise FSCM, which can be exploited by a low privileged attacker with network access via HTTP. This vulnerability can lead to unauthorized read access to certain data within the PeopleSoft Enterprise FSCM system. The impact of this issue emphasizes the importance of securing applications and ensuring appropriate access controls to safeguard sensitive information.

Affected Version(s)

PeopleSoft Enterprise FIN Staffing Front Office 9.2

References

http://www.securitytracker.com/id/1039598
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101479
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.