Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology Unauthorized Data Access Vulnerability

Vulnerability

A vulnerability exists in Oracle PeopleSoft Enterprise PeopleTools, specifically in the PIA Core Technology component, affecting versions 8.60, 8.61, and 8.62. This vulnerability allows a high-privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the issue is contained within PeopleTools, it may also significantly impact other products, leading to a scope change. Exploitation of this vulnerability could result in unauthorized access to update, insert, or delete certain data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to a subset of accessible data.

Impact

Exploitation allows for unauthorized modification or deletion of data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to some of the accessible data.

Added: Oct 21, 2025, 9:40 PM

Updated: Oct 21, 2025, 9:40 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology Unauthorized Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle PeopleSoft Enterprise PeopleTools

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating