CVE-2021-2407 – Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (compo …

21 July 2021

Vuln ID: CVE-2021-2407

Published: 2021-07-21 15:15:51Z

Description: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Source: NVD.NIST.GOV

Date:

21 July 2021

Categorie(s):

NVD

Tag(s):

NVD

Severe Flaws Disclosed in Brocade SANnav SAN Management Software26 April 2024
Microsoft credentials targeted by phishing campaign using Autodesk Drive26 April 2024
Novel Kaolin RAT malware distributed in Lazarus Group attacks26 April 2024
Infections with abandoned PlugX USB worm continue to be prevalent26 April 2024
Phishing attack compromises LA County Health Services data26 April 2024