CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3522
https://notcve.org/view.php?id=CVE-2017-3522
Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection component of Oracle PeopleSoft Products (subcomponent: Vendor). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM eSupplier Connection. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise SCM eSupplier Connection accessible data as well as unauthorized access to critical data or complete access to all PeopleSoft Enterprise SCM eSupplier Connection accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securityfocus.com/bid/97890 http://www.securitytracker.com/id/1038301 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3525
https://notcve.org/view.php?id=CVE-2017-3525
Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products (subcomponent: Usability). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM Service Procurement. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise SCM Service Procurement accessible data as well as unauthorized access to critical data or complete access to all PeopleSoft Enterprise SCM Service Procurement accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securityfocus.com/bid/97882 http://www.securitytracker.com/id/1038301 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5467
https://notcve.org/view.php?id=CVE-2016-5467
Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to eProcurement. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise FSCM en Oracle PeopleSoft Products 9.1 y 9.2 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores relacionados con eProcurement. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91879 http://www.securitytracker.com/id/1036404 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2011-2277
https://notcve.org/view.php?id=CVE-2011-2277
Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 Bundle #36 and 9.1 Bundle #13 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Purchasing. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise SCM en Oracle PeopleSoft Products v9.0 Bundle #36 y v9.1 Bundle #13 permite a usuarios remotos autenticados comprometer la confidencialidad y la integridad a través de vectores desconocidos relacionados Purchasing. • http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html http://www.us-cert.gov/cas/techalerts/TA11-201A.html •