Lucene search

[email protected]CVE-2014-2495

HistoryJul 17, 2014 - 5:10 a.m.

CVE-2014-2495

2014-07-1705:10:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

oracle

peoplesoft

products

vulnerability

scm

purchasing

nvd

cve-2014-2495

5.3 Medium

AI Score

Confidence

Low

2.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

50.9%

JSON

Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Purchasing.

CPENameOperatorVersion
oracle:peoplesoft_productsoracle peoplesoft productseq9.2
oracle:peoplesoft_productsoracle peoplesoft productseq9.1

CPE	Name	Operator	Version
oracle:peoplesoft_products	oracle peoplesoft products	eq	9.2
oracle:peoplesoft_products	oracle peoplesoft products	eq	9.1

References

seclists.org/fulldisclosure/2014/Dec/23

www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

www.securityfocus.com/archive/1/534161/100/0/threaded

www.securitytracker.com/id/1030586

www.vmware.com/security/advisories/VMSA-2014-0012.html

5.3 Medium

AI Score

Confidence

Low

2.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

50.9%

JSON

Related for CVE-2014-2495

cvelist1 prion1 securityvulns1 oracle1