CVE-2009-3404 — Oracle JD Edwards Enterpriseone vulnerability

3 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

0.4%

top 40.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle JD Edwards Enterpriseone Oracle Peoplesoft Enterprise

Timeline

PublishedOct 22

Latest updateMay 2

Description

Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.23 allows remote authenticated users to affect integrity via unknown vectors.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/peoplesoft_enterprise8.49.23

▶NVDoracle/jd_edwards_enterpriseone8.49.23

🔴Vulnerability Details

GHSA

GHSA-mphw-3jw4-55gq: Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8↗2022-05-02

▶

CVEList

CVE-2009-3404: Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8↗2009-10-22

▶