漏洞标题
N/A
漏洞描述信息
Oracle PeopleSoft PeopleTools产品(组件:Weblogic)中的漏洞。受影响的支持版本是8.57, 8.58和8.59。容易利用的漏洞允许通过HTTP网络访问的未授权攻击者 compromising PeopleSoft Enterprise PeopleTools。此漏洞的成功攻击可能导致未经授权的读取访问 PeopleSoft Enterprise PeopleTools可用数据的一个子集。CVSS 3.1基础得分5.3(保密影响)。CVSS向量:(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
N/A
漏洞标题
Oracle PeopleSoft Enterprise PeopleTools 访问控制错误漏洞
漏洞描述信息
Oracle PeopleSoft Enterprise PeopleTools是美国甲骨文(Oracle)公司的用于为 PeopleSoft 应用程序提供与用户的需求和期望保持同步的技术。 Oracle PeopleSoft Enterprise PeopleTools 中存在访问控制错误漏洞,该漏洞源于产品未对数据子集的访问添加权限限制。以下产品及版本受到影响:Oracle PeopleSoft Enterprise PeopleTools 8.57, 8.58, 8.59版本。
CVSS信息
N/A
漏洞类别
授权问题