CVE-2008-4001

3 documents3 sources

Severity

4.9MEDIUM

EPSS

0.2%

top 51.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle JD Edwards Enterpriseone EP Oracle Peoplesoft Enterprise

Timeline

PublishedOct 14

Latest updateMay 2

Description

Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8.9 and EP 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages2 packages

▶NVDoracle/peoplesoft_enterprise8.9, 9.0+1

▶NVDoracle/jd_edwards_enterpriseone_ep8.9, 9.0+1

🔴Vulnerability Details

GHSA

GHSA-rv35-25xj-6cff: Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8↗2022-05-02

▶

CVEList

CVE-2008-4001: Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8↗2008-10-14

▶