CVE-2024-21178

Summary

CVE-2024-21178 is a vulnerability affecting Oracle PeopleSoft's PeopleTools component (version 8.59, 8.60, and 8.61) in their PeopleSoft Enterprise product. This easily exploitable issue allows unauthenticated attackers, with network access via HTTP, to compromise the system. However, a human interaction is required to escalate the attack, and the impact may extend beyond PeopleTools to other affected products. A successful attack can result in unauthorized read, insert, or delete access to some PeopleTools data, and significant consequences for confidentiality and integrity. The Base Score, according to CVSS 3.1, is 6.1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.