Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0297

4 documents4 sources

Severity

4.0MEDIUM

EPSS

27.7%

top 3.56%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle Enterpriseone Oracle Peoplesoft Enterprise

Timeline

PublishedJan 17

Latest updateMay 1

Description

Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.47.11 and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE03.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/enterpriseone8.47.11, 8.48.06+1

▶NVDoracle/peoplesoft_enterprise8.47.11, 8.48.06+1

Patches

Patch: secunia.com ↗Patch: www.us-cert.gov ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-g3cw-c848-p46h: Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8↗2022-05-01

▶

CVEList

CVE-2007-0297: Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8↗2007-01-17

▶

💥Exploits & PoCs

Exploit-DB

Oracle January 2007 Security Update - Multiple Vulnerabilities↗2007-01-16

▶