Lucene search

K
cve[email protected]CVE-2017-10426
HistoryOct 19, 2017 - 5:29 p.m.

CVE-2017-10426

2017-10-1917:29:06
web.nvd.nist.gov
21
oracle
peoplesoft
enterprise
fscm
vulnerability
cve-2017-10426
nvd
security
cvss 3.0
http
attack

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

2.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

2.8 Low

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

30.0%

Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FSCM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise FSCM accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

Affected configurations

Vulners
NVD
Node
oraclepeoplesoft_enterprise_fin_staffing_front_officeRange9.2
VendorProductVersionCPE
oraclepeoplesoft_enterprise_fin_staffing_front_office*cpe:2.3:a:oracle:peoplesoft_enterprise_fin_staffing_front_office:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "PeopleSoft Enterprise FIN Staffing Front Office",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "9.2"
      }
    ]
  }
]

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

2.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

2.8 Low

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

30.0%

Related for CVE-2017-10426