CVE-2023-21831

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-21831
Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft (component: Advising Notes). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise CS Academic Advisement. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise CS Academic Advisement accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.oracle.com/security-alerts/cpujan2023.html Patch Vendor Advisory
https://www.oracle.com/security-alerts/cpujan2023.html Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:peoplesoft_enterprise_cs_academic_advisement:9.2:*:*:*:*:*:*:*
History

21 Nov 2024, 07:43

Type Values Removed Values Added
References () https://www.oracle.com/security-alerts/cpujan2023.html - Patch, Vendor Advisory () https://www.oracle.com/security-alerts/cpujan2023.html - Patch, Vendor Advisory
Summary
  • (es) Vulnerabilidad en el producto PeopleSoft Enterprise CS Academic Advisement de Oracle PeopleSoft (componente: Advising Notes). La versión compatible que se ve afectada es la 9.2. Una vulnerabilidad fácilmente explotable permite a un atacante no autenticado con acceso a la red a través de HTTP comprometer PeopleSoft Enterprise CS Academic Advisement. Los ataques exitosos a esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles de PeopleSoft Enterprise CS Academic Advisement. CVSS 3.1 Puntaje base 5.3 (Impactos en la confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Information

Published : 2023-01-18 00:15

Updated : 2024-11-21 07:43

NVD link : CVE-2023-21831

Mitre link : CVE-2023-21831

CVE.ORG link : CVE-2023-21831

JSON object : View

Products Affected

oracle

  • peoplesoft_enterprise_cs_academic_advisement
CWE
NVD-CWE-noinfo