Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub by Oracle
CVE-2017-10248

6.1MEDIUM

Key Information:

Vendor
Oracle
Status
Peoplesoft Enterprise Prtl Interaction Hub
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability exists in the PeopleSoft Enterprise PRTL Interaction Hub of Oracle PeopleSoft Products that can be exploited by an unauthenticated attacker with network access. The flaw permits unauthorized individuals to compromise the integrity and confidentiality of the hub and its associated data. While the vulnerability specifically resides in the PeopleSoft Enterprise PRTL Interaction Hub, successful exploits can extend their impact to other connected products. To successfully execute an attack, human interaction is required, allowing unauthorized actions such as inserting, updating, or deleting data, as well as unauthorized reading of certain accessible information. This vulnerability poses a significant risk to sensitive business operations relying on PeopleSoft systems.

Affected Version(s)

PeopleSoft Enterprise PRTL Interaction Hub 9.1.0

References

http://www.securitytracker.com/id/1038932
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99754
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.