Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub by Oracle
CVE-2017-10215

6.1MEDIUM

Key Information:

Vendor
Oracle
Status
Peoplesoft Enterprise Prtl Interaction Hub
Vendor
CVE Published:
8 August 2017

Summary

An access control vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation may lead to unauthorized access to sensitive data, including updates, inserts, or deletions. The attack requires interaction from a user other than the attacker, potentially impacting various products beyond the PeopleSoft Enterprise PRTL Interaction Hub. This vulnerability poses risks to the confidentiality and integrity of accessible data.

Affected Version(s)

PeopleSoft Enterprise PRTL Interaction Hub 9.1.0

References

http://www.securitytracker.com/id/1038932
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/99749
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.