CVE-2025-21562
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Jan 21, 2025
Summary
CVE-2025-21562 is a vulnerability affecting the Run Control Management component of Oracle PeopleSoft's Enterprise CC Common Application Objects (version 9.2). This issue allows a low-privileged attacker with network access via HTTP to gain unauthorized read access to a subset of the product's accessible data. The impact of this vulnerability is rated as low (Confidentiality) on the Common Vulnerability Scoring System (CVSS) with a base score of 4.3. The attack vector is defined as Adversary Interaction: Low (L), and the exploitability is rated as Easy.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share