CVE-2010-4418

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.11 through 8.50.15 and 8.51GA through 8.51.05 allows remote attackers to affect confidentiality, integrity, and availability, related to PIA Core Technology.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	Vendor Advisory
http://www.securitytracker.com/id?1024978
http://www.securityfocus.com/bid/45865
http://secunia.com/advisories/42924	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0147
https://exchange.xforce.ibmcloud.com/vulnerabilities/64785

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.50.15:::::::*
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.51::ga:::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.50.11:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise:8.51.05:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise:8.50.15:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise:8.51::ga:::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.51.05:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise:8.50.11:::::::*

Information

Published : 2011-01-19 08:00

Updated : 2017-08-16 18:33

NVD link : CVE-2010-4418

Mitre link : CVE-2010-4418

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

peoplesoft_enterprise
peoplesoft_and_jdedwards_product_suite

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id?1024978", "name": "1024978", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/45865", "name": "45865", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/42924", "name": "42924", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2011/0147", "name": "ADV-2011-0147", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64785", "name": "peoplesoft-pia-code-execution(64785)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.11 through 8.50.15 and 8.51GA through 8.51.05 allows remote attackers to affect confidentiality, integrity, and availability, related to PIA Core Technology."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-4418", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-01-19T16:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.50.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.51:*:ga:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.50.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.51.05:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.50.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.51:*:ga:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.51.05:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.50.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:33Z"}

7.5 /10