CVE-2016-0412

Unspecified vulnerability in the PeopleSoft Enterprise SCM eProcurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect integrity via unknown vectors related to Manage Requisition Status.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch Vendor Advisory
http://www.securitytracker.com/id/1034720

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:peoplesoft_supply_chain_management_eprocurement:9.1:::::::*
	cpe:2.3:a:oracle:peoplesoft_supply_chain_management_eprocurement:9.2:::::::*

History

No history.

Information

Published : 2016-01-21 02:59

Updated : 2016-06-09 18:20

NVD link : CVE-2016-0412

Mitre link : CVE-2016-0412

CVE.ORG link : CVE-2016-0412

JSON object : View

Products Affected

oracle

peoplesoft_supply_chain_management_eprocurement

CWE

NVD-CWE-noinfo

3.5 /10