Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology Unauthenticated Data Access Vulnerability

An easily exploitable vulnerability has been identified in the PeopleSoft Enterprise PeopleTools product, specifically within the PIA Core Technology component. This vulnerability affects versions 8.60, 8.61, and 8.62. It allows an unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Exploitation of this vulnerability requires human interaction from a person other than the attacker. While the vulnerability resides in PeopleSoft Enterprise PeopleTools, successful attacks may significantly impact additional products. Exploitation can lead to unauthorized update, insert, or delete access to some of the accessible data in PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to a subset of that data.

Impact

Successful exploitation allows for unauthorized access to read, update, insert, or delete certain data within PeopleSoft Enterprise PeopleTools. However, the impact may extend to additional products, indicating a broader scope of concern.