CVE-2018-2731
https://notcve.org/view.php?id=CVE-2018-2731
Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Supported versions that are affected are 9.1 and 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM eProcurement. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise SCM eProcurement accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise SCM eProcurement accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102610 http://www.securitytracker.com/id/1040204 •
CVE-2017-3570
https://notcve.org/view.php?id=CVE-2017-3570
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: eSettlements). The supported version that is affected is 9.1. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FSCM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise FSCM accessible data as well as unauthorized access to critical data or complete access to all PeopleSoft Enterprise FSCM accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securityfocus.com/bid/97906 http://www.securitytracker.com/id/1038301 •
CVE-2016-5600
https://notcve.org/view.php?id=CVE-2016-5600
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise SCM Services Procurement en Oracle PeopleSoft Products 9.1 y 9.2 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93688 http://www.securitytracker.com/id/1037046 • CWE-284: Improper Access Control •
CVE-2016-5467
https://notcve.org/view.php?id=CVE-2016-5467
Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to eProcurement. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise FSCM en Oracle PeopleSoft Products 9.1 y 9.2 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores relacionados con eProcurement. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91879 http://www.securitytracker.com/id/1036404 •
CVE-2016-0407
https://notcve.org/view.php?id=CVE-2016-0407
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusion HR Talent Integration. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise HCM en Oracle PeopleSoft Products 9.1 y 9.2 permite a ususarios remotos autenticados afectar a la confidencialidad a través de vectores relacionados con Fusion HR Talent Integration • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035610 •