Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology Unauthenticated Data Access Vulnerability

Vulnerability

A vulnerability exists in Oracle PeopleSoft Enterprise PeopleTools, specifically in the PIA Core Technology component, affecting versions 8.60, 8.61, and 8.62. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Exploitation of this vulnerability requires human interaction from a third party. Successful attacks can lead to unauthorized update, insert, or delete access to certain accessible data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to a subset of the accessible data.

Impact

Exploitation of this vulnerability could result in unauthorized data modifications or deletions, and unauthorized read access to certain data within PeopleSoft Enterprise PeopleTools.

Added: Oct 21, 2025, 9:35 PM

Updated: Oct 21, 2025, 9:35 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

6.0

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

6.0

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology Unauthenticated Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle PeopleSoft Enterprise PeopleTools

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating