Oracle PeopleSoft Enterprise PeopleTools Panel Processor Vulnerability Allowing Unauthorized Data Access

A vulnerability has been identified in the PeopleSoft Enterprise PeopleTools product, specifically within the Panel Processor component. This issue affects PeopleSoft versions 8.60, 8.61, and 8.62. The vulnerability is easily exploitable, allowing a low-privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Exploitation of this vulnerability requires human interaction from a third party. While the vulnerability resides in PeopleSoft Enterprise PeopleTools, successful attacks could significantly impact additional products. Exploitation of this vulnerability could lead to unauthorized update, insert, or delete access to some data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to a subset of accessible data.

Impact

Exploitation of this vulnerability could result in unauthorized access to update, insert, or delete data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to certain accessible data.