CNNVD-202510-2662 Information
CNNVD ID
CNNVD-202510-2662
Related CVE
- CNNVD Published: 2025-10-21
Description (Chinese)
Oracle PeopleSoft是美国甲骨文(Oracle)公司的一套企业人力资本管理解决方案。该产品提供了人力资本管理、财务管理、供应商关系管理等功能。 Oracle PeopleSoft的PeopleSoft Enterprise FIN Maintenance Management 9.2版本存在安全漏洞,该漏洞源于低权限攻击者可通过HTTP网络访问进行攻击,可能导致未经授权的数据更新、插入或删除以及部分数据读取。
Description (English)
Oracle PeopleSoft is an enterprise human capital management solution for Oracle. The product provides human capital management, financial management and supplier relationship management functions. There is a security loophole in version 9.2 of the PeopleSoft Enterprise FIN Community Management version of Oracle PeopleSoft, which stems from the fact that low-authorized assailants can attack via the HTTP network, which may lead to unauthorized data updating, insertion or deletion, and partial data access.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
甲骨文
Published
2025-10-21
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpuoct2025.html https://access.redhat.com/security/cve/cve-2025-61761
Patch
https://www.oracle.com/security-alerts/cpuoct2025.html
Share on: