CVE-2008-4004

Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors.

CVSS v2.0 3.2 LOW

3.2^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:S/C:P/I:P/A:N

Exploitability : 3.1 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/32291	Vendor Advisory
http://www.securitytracker.com/id?1021055
http://www.vupen.com/english/advisories/2008/2825
http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45906

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:jdedwards:enterpriseone:8.97.2.2:::::::*
	cpe:2.3:a:jdedwards:enterpriseone:8.98.0.1:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise:8.97.2.2:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise:8.98.0.1:::::::*

Information

Published : 2008-10-14 14:11

Updated : 2017-08-07 18:32

NVD link : CVE-2008-4004

Mitre link : CVE-2008-4004

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

oracle

peoplesoft_enterprise

jdedwards

enterpriseone

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://secunia.com/advisories/32291", "name": "32291", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1021055", "name": "1021055", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2008/2825", "name": "ADV-2008-2825", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45906", "name": "oracle-jdedwards-enterprise-priv-escalation(45906)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-4004", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 3.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-10-14T21:11Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:jdedwards:enterpriseone:8.97.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jdedwards:enterpriseone:8.98.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.97.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.98.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:32Z"}