Lucene search

OracleCVELIST:CVE-2020-2561

HistoryJan 15, 2020 - 4:34 p.m.

CVE-2020-2561

2020-01-1516:34:01

oracle

www.cve.org

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.8 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

CNA Affected

[
  {
    "product": "PeopleSoft Enterprise HCM Human Resources",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "9.2"
      }
    ]
  }
]

References

www.oracle.com/security-alerts/cpujan2020.html

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.8 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

Related for CVELIST:CVE-2020-2561