Oracle PeopleSoft Enterprise PeopleTools Query Component Unauthorized Data Access Vulnerability

Vulnerability

An easily exploitable vulnerability has been identified in the Query component of Oracle PeopleSoft Enterprise PeopleTools, affecting versions 8.61 and 8.62. This vulnerability allows a low-privileged attacker with network access via HTTP to gain unauthorized read access to a subset of accessible data within PeopleSoft Enterprise PeopleTools.

Impact

Exploitation of this vulnerability could lead to unauthorized read access to certain data within PeopleSoft Enterprise PeopleTools.

Added: Oct 21, 2025, 9:22 PM

Updated: Oct 21, 2025, 9:22 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

0.6

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

0.6

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle PeopleSoft Enterprise PeopleTools Query Component Unauthorized Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle PeopleSoft Enterprise PeopleTools

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating