6 matches found
CVE-2021-2218
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Health Center. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...
GHSA-J336-34Q7-CGJ3 Downloads Resources over HTTP in healthcenter
Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
Downloads Resources over HTTP in healthcenter
Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
Healthcenter Remote Code Execution Vulnerability
healthcenter is a set of diagnostic tools for checking the status of running Java or Node.js applications. A security vulnerability exists in healthcenter that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...
Man-in-the-Middle (MitM)
healthcenter is susceptible to man-in-the-middle MitM attacks. The attacker can download binary resources via HTTP, allowing MitM attacks. Since the attacker can replace the requested binary with its controlled binary if the attacker is on the network or positioned in between the user and the...
Downloads Resources over HTTP
Overview Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...