Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub by Oracle
CVE-2017-10258

6.1MEDIUM

Key Information:

Vendor
Oracle
Status
Peoplesoft Enterprise Prtl Interaction Hub
Vendor
CVE Published:
8 August 2017

Summary

An input validation vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products allows unauthenticated attackers with network access through HTTP to exploit the system. This vulnerability requires human interaction from a user other than the attacker to be successful. Attackers could gain unauthorized access to update, insert, or delete operations, as well as read certain data within the PeopleSoft Enterprise PRTL Interaction Hub. This could potentially impact additional related products, leading to wider security risks.

Affected Version(s)

PeopleSoft Enterprise PRTL Interaction Hub 9.1.0

References

http://www.securityfocus.com/bid/99739
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038932
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.