CVE-2024-21202
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-21202 is a vulnerability found in Oracle's PeopleSoft Enterprise PeopleTools, specifically within the PIA Core Technology component, affecting versions 8.59, 8.60, and 8.61. This vulnerability allows unauthenticated attackers with HTTP network access to potentially compromise the system, requiring human interaction from another user for successful exploitation. The risk includes unauthorized updates, inserts, deletes, and read access to sensitive data within PeopleSoft Enterprise PeopleTools, which could extend to other interconnected products. Organizations are encouraged to remediate this vulnerability by applying patches provided by Oracle as outlined in their security alerts. The CVSS 3.1 Base Score for this vulnerability is 6.1, indicating medium severity with low impacts on confidentiality and integrity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.