Lucene search

[email protected]CVE-2014-6460

HistoryOct 15, 2014 - 3:55 p.m.

CVE-2014-6460

2014-10-1515:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2014-6460

peoplesoft

enterprise

peopletools

oracle

products

8.52

8.53

8.54

vulnerability

confidentiality

integrity

nvd

5.3 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

42.3%

JSON

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52, 8.53, and 8.54 allows remote authenticated users to affect confidentiality and integrity via vectors related to QUERY.

CPENameOperatorVersion
oracle:peoplesoft_productsoracle peoplesoft productseq8.54
oracle:peoplesoft_productsoracle peoplesoft productseq8.53
oracle:peoplesoft_productsoracle peoplesoft productseq8.52

CPE	Name	Operator	Version
oracle:peoplesoft_products	oracle peoplesoft products	eq	8.54
oracle:peoplesoft_products	oracle peoplesoft products	eq	8.53
oracle:peoplesoft_products	oracle peoplesoft products	eq	8.52

References

secunia.com/advisories/61701

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.securityfocus.com/bid/70555

www.securitytracker.com/id/1031044

5.3 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

42.3%

JSON

Related for CVE-2014-6460

prion1 cvelist1 securityvulns1 oracle1