Vulnerability in Oracle PeopleSoft Products – Human Resources Component
CVE-2018-2654

6.1MEDIUM

Key Information:

Vendor

Oracle
Status
Peoplesoft Enterprise Hcm Human Resources
Vendor
CVE Published:
18 January 2018

What is CVE-2018-2654?

A vulnerability in the Oracle PeopleSoft Enterprise HCM Human Resources component allows an unauthenticated attacker with network access via HTTP to exploit the system. While this vulnerability resides within the Human Resources subcomponent, it has the potential to affect broader functionalities across Oracle PeopleSoft Products. Successful exploitation may grant unauthorized access to perform updates, insertions, or deletions on sensitive data, as well as unauthorized read access to certain accessible data. It is important for organizations utilizing PeopleSoft Enterprise HCM Human Resources to assess their exposure and implement necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PeopleSoft Enterprise HCM Human Resources 9.2

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/102604
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040204
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.