Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-5q43-wwhh-v8wh

Опубликовано: 18 июл. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Ссылки

EPSS

Процентиль: 100%
0.91427
Критический

7.5 High

CVSS3

CVE ID

CVE-2023-22047

Дефекты

CWE-306

Связанные уязвимости

nvd логотип

CVE-2023-22047

CVSS3: 7.5
nvd
больше 2 лет назад

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

fstec логотип

BDU:2023-03991

CVSS3: 7.5
fstec
больше 2 лет назад

Уязвимость компонента PeopleSoft Enterprise PeopleTools пакета бизнес-приложений Oracle PeopleSoft Enterprise PeopleTools, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 100%
0.91427
Критический

7.5 High

CVSS3

CVE ID

CVE-2023-22047

Дефекты

CWE-306