Vulnerability in Oracle PeopleSoft Enterprise PRTL Interaction Hub
CVE-2017-10354

8.2HIGH

Key Information:

Vendor

Oracle
Status
Peoplesoft Enterprise Prtl Interaction Hub
Vendor
CVE Published:
19 October 2017

What is CVE-2017-10354?

A vulnerability exists in the PeopleSoft Enterprise PRTL Interaction Hub component within Oracle PeopleSoft Products, specifically affecting version 9.1.00. This issue allows an unauthenticated attacker with network access via HTTP to compromise the system. Although the vulnerability is confined to the PeopleSoft Enterprise PRTL Interaction Hub, its exploitation can lead to unauthorized access to sensitive data and permissions to manipulate accessible data, such as updates or deletions. Additionally, successful exploitation necessitates human interaction from a target user. Due to this, while the direct impact is limited to the interaction hub, the ramifications can extend to various connected products.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PeopleSoft Enterprise PRTL Interaction Hub 9.1.00

References

http://www.securityfocus.com/bid/101465
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039598
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.