Lucene search

K
vulnrichmentOracleVULNRICHMENT:CVE-2017-10280
HistoryOct 19, 2017 - 5:00 p.m.

CVE-2017-10280

2017-10-1917:00:00
oracle
github.com
2
oracle peoplesoft products
test framework
data access
http
cvss
vulnerability

AI Score

6.1

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Test Framework). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

AI Score

6.1

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2017-10280