CVE-2025-53061

CWE-284Improper Access ControlCWE-1915 documents5 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 91.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Peoplesoft Enterprise PeopletoolsOracle Corporation Peoplesoft Enterprise Peopletools
Timeline
PublishedOct 21

Description

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability ca

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-q8v8-9fjr-p47p: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology)2025-10-21
CVEList
CVE-2025-53061: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology)2025-10-21

📋Vendor Advisories

2
Oracle
Oracle Oracle PeopleSoft Risk Matrix: PIA Core Technology — CVE-2025-530612025-10-15
Microsoft
media: s5p-jpeg: prevent buffer overflows2024-11-12