Vulnerability in Oracle PeopleSoft Enterprise Learning Management Component
CVE-2019-2707
6.1MEDIUM
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 23 April 2019
Summary
A vulnerability exists in the PeopleSoft Enterprise ELM component of Oracle PeopleSoft Products, specifically affecting the application search feature. This flaw could be exploited by an unauthenticated attacker with network access via HTTP, potentially compromising sensitive data within the system. While the primary focus is on PeopleSoft Enterprise ELM, the impacts could extend to other related products. Successful exploitation can lead to unauthorized updates, insertions, deletions, and read access to accessible data, posing significant risks to the integrity and confidentiality of information handled by the system.
Affected Version(s)
PeopleSoft Enterprise ELM Enterprise Learning Management 9.2
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved