漏洞类别:Local
漏洞等级: 
漏洞信息
Oracle's PeopleSoft applications are designed to address the most complex business requirements.
Multiple vulnerabilities were reported in Oracle PeopleSoft Products.
- Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some PeopleSoft Enterprise PeopleTools accessible data as well as read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools.
- Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Easily exploitable vulnerability allows successful authenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some PeopleSoft Enterprise PeopleTools accessible data as well as read access to a subset of PeopleSoft Enterprise PeopleTools accessible data.
- Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Pivot Grid). Easily exploitable vulnerability allows successful authenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some PeopleSoft Enterprise PeopleTools accessible data.
Affected Version
PeopleSoft Enterprise PeopleTools Prior to 8.53.25
PeopleSoft Enterprise PeopleTools Prior to 8.54.16
漏洞危害
Successful exploitation allows attacker to compromise the system.
解决方案
Newer version is available to download. For more information about this product or to check for new releases, go to the Oracle PeopleSoft Products.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论