Oracle PeopleSoft Integration Broker Unauthenticated Data Access Vulnerability

Vulnerability

A vulnerability exists in Oracle PeopleSoft Integration Broker, part of the PeopleTools product, affecting versions 8.60, 8.61, and 8.62. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Exploitation of this vulnerability requires human interaction from a third party. While the vulnerability resides within PeopleTools, successful attacks could have a broader impact on additional products. Exploitation could lead to unauthorized access allowing updates, inserts, or deletions of certain accessible data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to a subset of that data.

Impact

Exploitation allows for unauthorized modification or deletion of accessible data within PeopleSoft Enterprise PeopleTools, as well as unauthorized read access to some of that data.

Added: Jan 20, 2026, 11:02 PM

Updated: Jan 20, 2026, 11:02 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

5.4

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

5.4

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle PeopleSoft Integration Broker Unauthenticated Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle PeopleSoft Enterprise PeopleTools

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating