Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3520 Remote Security Vulnerability

Oracle PeopleSoft Enterprise PeopleTools is prone to a remote security vulnerability.

The vulnerability can be exploited over the 'HTTP' protocol. The 'Fluid Core' sub component is affected.

This vulnerability affects the following supported versions:
8.54, 8.55

Information

Bugtraq ID: 97908
Class: Unknown
CVE: CVE-2017-3520

Remote: Yes
Local: No
Published: Apr 18 2017 12:00AM
Updated: Apr 18 2017 12:00AM
Credit: Manich Koomsusi and Tawatchai Pinsuwan of Mindterra Red Team
Vulnerable: Oracle PeopleSoft Enterprise PeopleTools 8.55
Oracle PeopleSoft Enterprise PeopleTools 8.54

Not Vulnerable:

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References:

Oracle Homepage (Oracle)
Oracle Critical Patch Update Advisory - April 2017 (Oracle)

Source: www.securityfocus.com

Exploit Collector

Search Exploit