CVE-2012-3119 - Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products

CVE-2012-3119

Summary

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0.20 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway.

References

http://osvdb.org/83967
http://secunia.com/advisories/49950
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.securityfocus.com/bid/54523
http://www.securitytracker.com/id?1027265
https://exchange.xforce.ibmcloud.com/vulnerabilities/77028

Vulnerable Configurations

cpe:2.3:a:oracle:peoplesoft_products:9.0.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_products:9.0.20:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 22-12-2017 - 02:29)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:N/A:N

refmap via4

bid	54523
confirm	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
mandriva	MDVSA-2013:150
osvdb	83967
sectrack	1027265
secunia	49950
xf	peoplesoftenterprise-hrmscandgate-info-disc(77028)

Last major update

22-12-2017 - 02:29

Published

17-07-2012 - 23:55

Last modified

22-12-2017 - 02:29