ID CVE-2011-2277
Summary Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 Bundle #36 and 9.1 Bundle #13 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Purchasing.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:peoplesoft_enterprise_scm:9.0:bundle36:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_enterprise_scm:9.0:bundle36:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_scm:9.1:bundle13:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_enterprise_scm:9.1:bundle13:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_products:9.0:bundle36:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_products:9.0:bundle36:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_products:9.1:bundle13:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_products:9.1:bundle13:*:*:*:*:*:*
CVSS
Base: 5.5 (as of 05-10-2011 - 02:54)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:N
refmap via4
cert TA11-201A
confirm http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
Last major update 05-10-2011 - 02:54
Published 21-07-2011 - 00:55
Last modified 05-10-2011 - 02:54
Back to Top