admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-212xx/CVE-2024-21255.json
cad-safe-bot 3f3912eeb1 Auto-Update: 2024-10-18T20:00:17.306501+00:00
2024-10-18 20:03:18 +00:00

110 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-21255",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-10-15T20:15:16.040",
"lastModified": "2024-10-18T18:16:50.040",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher). Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el producto PeopleSoft Enterprise PeopleTools de Oracle PeopleSoft (componente: XMLPublisher). Las versiones compatibles afectadas son 8.59, 8.60 y 8.61. Esta vulnerabilidad, f\u00e1cilmente explotable, permite a un atacante con pocos privilegios y acceso a la red a trav\u00e9s de HTTP comprometer PeopleSoft Enterprise PeopleTools. Los ataques exitosos de esta vulnerabilidad pueden dar como resultado la toma de control de PeopleSoft Enterprise PeopleTools. Puntuaci\u00f3n base de CVSS 3.1: 8,8 (impactos en confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secalert_us@oracle.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
"matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*",
"matchCriteriaId": "AF191D4F-3D54-4525-AAF5-B70D3FD2F818"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*",
"matchCriteriaId": "18F15FC6-947A-462A-8329-C52907799A7C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html",
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink