Security Flaw in Oracle PeopleSoft Enterprise Tools Affecting Multiple Versions
CVE-2024-21097
4.9MEDIUM
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 16 April 2024
Summary
A security vulnerability has been identified in Oracle's PeopleSoft Enterprise PeopleTools affecting the Security component. This flaw allows attackers with high privileges and network access via HTTP to potentially compromise the affected systems. Notably, versions 8.59, 8.60, and 8.61 are susceptible to exploitation. Successful exploitation could result in unauthorized access to sensitive data, posing a significant risk to organizational data integrity. It is imperative for users of these affected versions to implement security patches and follow best practices to mitigate any risks associated with this vulnerability. For detailed information, please refer to the official Oracle advisory.
References
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published