Oracle PeopleSoft Enterprise SCM Purchasing Component Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability exists in Oracle PeopleSoft Enterprise SCM Purchasing version 9.2, specifically within the Purchasing component. This easily exploitable issue allows a low-privileged attacker with network access via HTTP to compromise the application. Successful exploitation could lead to unauthorized read, update, insert, or delete access to certain accessible data within PeopleSoft Enterprise SCM Purchasing.

Impact

Exploitation of this vulnerability could result in unauthorized read, update, insert, or delete access to some of the data accessible within PeopleSoft Enterprise SCM Purchasing.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle PeopleSoft Enterprise SCM Purchasing Component Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle PeopleSoft Enterprise SCM Purchasing

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating