Vulnerability in PeopleSoft Enterprise Interaction Hub by Oracle
CVE-2018-3130

5.4MEDIUM

Key Information:

Vendor
Oracle
Status
Peoplesoft Enterprise Prtl Interaction Hub
Vendor
CVE Published:
17 October 2018

Summary

A vulnerability exists in the PeopleSoft Enterprise Interaction Hub component of Oracle PeopleSoft Products, specifically within the Application Portal subcomponent. This flaw allows a low-privileged attacker with network access through HTTP to potentially manipulate the system. Successful exploitation could result in unauthorized alterations, additions, or deletions of data accessible through the PeopleSoft Enterprise Interaction Hub, as well as unauthorized reading of certain data. The vulnerability highlights significant security risks, particularly in terms of data confidentiality and integrity.

Affected Version(s)

PeopleSoft Enterprise PRTL Interaction Hub 9.1.0.0

References

http://www.securityfocus.com/bid/105614
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041891
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.