Lucene search
PRIOn knowledge basePRION:CVE-2023-21916HistoryApr 18, 2023 - 8:15 p.m.
Code injection
2023-04-1820:15:00
PRIOn knowledge base
www.prio-n.com
2
code injection
peoplesoft enterprise
oracle peoplesoft
vulnerability
web server
cvss 3.1
unauthorized access
nvd
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Web Server). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
| CPE | Name | Operator | Version |
|---|---|---|---|
| peoplesoft_enterprise_peopletools | eq | 8.58 | |
| peoplesoft_enterprise_peopletools | eq | 8.59 | |
| peoplesoft_enterprise_peopletools | eq | 8.60 |
Related
cve
cve
CVE-2023-21916
2023-04-18 20:15:12
cvelist
cvelist
CVE-2023-21916
2023-04-18 19:54:18
nvd
nvd
CVE-2023-21916
2023-04-18 20:15:12
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00