Vulnerability in Oracle PeopleSoft Students Administration Pack
CVE-2021-35601

5.7MEDIUM

Key Information:

Vendor: Oracle
Status: Peoplesoft Enterprise Cs Sa Integration Pack
Vendor: CVE Published:; 20 October 2021

What is CVE-2021-35601?

An exploitable vulnerability exists in Oracle PeopleSoft's Students Administration component. This flaw allows low privileged attackers, with access to the physical communication segment attached to the affected hardware, to compromise the PeopleSoft Enterprise CS SA Integration Pack. Successful exploitation could enable unauthorized access to sensitive information, potentially exposing all accessible data within the system.

Affected Version(s)

PeopleSoft Enterprise CS SA Integration Pack 9.0

PeopleSoft Enterprise CS SA Integration Pack 9.2

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021