Unauthorized Access Vulnerability in Oracle PeopleSoft's Activity Guide Composer
CVE-2021-35543

8.1HIGH

Key Information:

Vendor: Oracle
Status: Peoplesoft Enterprise Cc Common Application Objects
Vendor: CVE Published:; 20 October 2021

What is CVE-2021-35543?

A vulnerability exists in Oracle PeopleSoft's Activity Guide Composer that allows low privileged attackers to exploit it via HTTP. This easily exploitable flaw enables unauthorized creation, deletion, or modification of sensitive data within the PeopleSoft Enterprise CC Common Application Objects. As a result, attackers may gain unauthorized access to critical data across the platform, which poses significant risks to the integrity and confidentiality of the system. Organizations using the affected version should prioritize mitigation strategies to safeguard their data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PeopleSoft Enterprise CC Common Application Objects 9.2

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021

JSON

Oracle

What is CVE-2021-35543?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.