CVE-2024-21154

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Jul 17, 2024

Summary

CVE-2024-21154 is a vulnerability affecting the Oracle PeopleSoft Enterprise HCM Human Resources product, specifically version 9.2. This issue allows a low-privileged attacker with network access to compromise the system via HTTP. Successful exploitation results in unauthorized read access to a subset of the affected product's data, posing a confidentiality risk. The CVSS Base Score is 4.3. Attack vectors include network access with low privileges, making it easily exploitable.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • PeopleSoft Enterprise HCM Human Resources

Affected Vendors

  • Oracle Corp