Oracle PeopleSoft HCM Human Resources Employee Snapshot Component Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability has been identified in the Oracle PeopleSoft Enterprise HCM Human Resources product, specifically within the Employee Snapshot component, version 9.2. This vulnerability allows a low-privileged attacker with network access via HTTP to compromise the application. Exploitation of this vulnerability requires human interaction from a third party. While the issue resides in PeopleSoft Enterprise HCM Human Resources, its effects may extend to other products. Successful exploitation could lead to unauthorized read access to certain data, as well as unauthorized updates, inserts, or deletions of accessible data within the application.

Impact

Exploitation of this vulnerability could result in unauthorized access to read, modify, insert, or delete data within the PeopleSoft Enterprise HCM Human Resources application.

Added: Apr 21, 2026, 11:35 PM

Updated: Apr 21, 2026, 11:35 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.4

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.4

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle PeopleSoft HCM Human Resources Employee Snapshot Component Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle PeopleSoft Enterprise HCM Human Resources

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating