CVE-2025-21562

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 21, 2025

Summary

CVE-2025-21562 is a vulnerability affecting the Run Control Management component of Oracle PeopleSoft's Enterprise CC Common Application Objects (version 9.2). This issue allows a low-privileged attacker with network access via HTTP to gain unauthorized read access to a subset of the product's accessible data. The impact of this vulnerability is rated as low (Confidentiality) on the Common Vulnerability Scoring System (CVSS) with a base score of 4.3. The attack vector is defined as Adversary Interaction: Low (L), and the exploitability is rated as Easy.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share