漏洞标题
N/A
漏洞描述信息
Oracle PeopleSoft产品中的PeopleSoft Enterprise PeopleTools组件(子组件:Sawbridge)中存在的漏洞。受影响的支持版本为8.54、8.55和8.56。易 exploit 的漏洞允许未验证的 attacker 通过HTTP 网络访问来攻击PeopleSoft Enterprise PeopleTools。尽管漏洞在PeopleSoft Enterprise PeopleTools中,但攻击可能显著影响其他产品。成功利用此漏洞可能导致未经授权访问PeopleSoft Enterprise PeopleTools可访问的数据,以及未经授权的能力对PeopleSoft Enterprise PeopleTools造成部分拒绝服务(部分 DOS)。CVSS 3.0 基础得分为7.2(安全性和可用性影响)。CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L)
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Sawbridge). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 7.2 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L).
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞
漏洞描述信息
Oracle PeopleSoft Products是美国甲骨文(Oracle)公司的一套企业人力资本管理解决方案,它提供了人力资本管理、财务管理、供应商关系管理等功能。PeopleSoft Enterprise PeopleTools是其中的一个能够转变企业管理、PeopleSoft软件的使用以及维护方式的工具和技术平台组件。 Oracle PeopleSoft Products中的PeopleSoft Enterprise PeopleTools组件8.54版本、8.55版本和8.56版本的Sawbr
CVSS信息
N/A
漏洞类别
授权问题