CVE-2008-2620 — Oracle JD Edwards Enterpriseone vulnerability

4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.9%

top 24.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle JD Edwards Enterpriseone Oracle Peoplesoft Enterprise

Timeline

PublishedJul 15

Latest updateMay 1

Description

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2621, and CVE-2008-2622.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages2 packages

▶NVDoracle/peoplesoft_enterprise8.48.17, 8.49.11+1

▶NVDoracle/jd_edwards_enterpriseone8.48.17, 8.49.11+1

🔴Vulnerability Details

GHSA

GHSA-g8h5-wv99-85v5: Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8↗2022-05-01

▶

CVEList

CVE-2008-2620: Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8↗2008-07-15

▶

💬Community

Bugzilla

CVE-2008-3139 wireshark: crash in the RTMPT dissector↗2008-07-11

▶