cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-2404,https://securityvulnerability.io/vulnerability/CVE-2021-2404,E-mail Notification Vulnerability in Oracle PeopleSoft Enterprise HCM Candidate Gateway,"A vulnerability exists in Oracle's PeopleSoft Enterprise HCM Candidate Gateway, impacting the e-mail notification component. An unauthorized attacker with network access can exploit this weakness to gain unauthorized access to sensitive data. Successful exploitation allows the attacker to update, insert, or delete data without proper authorization, as well as read certain confidential information, thereby compromising the integrity and confidentiality of the data managed by the Candidate Gateway. The vulnerability highlights the need for improved security measures to safeguard against unauthorized interactions with the system.",Oracle,Peoplesoft Enterprise Hcm Candidate Gateway,6.5,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2021-07-20T22:44:18.000Z,0
CVE-2020-2954,https://securityvulnerability.io/vulnerability/CVE-2020-2954,Unauthenticated Vulnerability in Oracle PeopleSoft Enterprise HRMS Allows Data Compromise,"An exploitable vulnerability has been identified in the Candidate Gateway of Oracle's PeopleSoft Enterprise HRMS (version 9.2). This flaw allows an unauthenticated attacker with network access via HTTP to potentially compromise the system. The vulnerability necessitates human interaction from an external individual to successfully execute attacks. Exploitation can result in unauthorized updates, insertions, deletions, and read access to sensitive data, impacting both confidentiality and integrity of the data within PeopleSoft Enterprise HRMS. Mitigation strategies are essential to safeguard affected data and ensure continued compliance with security protocols.",Oracle,Peoplesoft Enterprise Hcm Candidate Gateway,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-04-15T13:29:54.000Z,0
CVE-2019-2591,https://securityvulnerability.io/vulnerability/CVE-2019-2591,Web Application Vulnerability in Oracle PeopleSoft Products – Candidate Gateway,"A vulnerability exists in the Candidate Gateway of Oracle PeopleSoft Enterprise HRMS 9.2, allowing unauthenticated attackers with network access via HTTP to significantly compromise the system. Exploitation of this vulnerability can lead to unauthorized updates, inserts, or deletions of accessible data within the PeopleSoft environment. Moreover, it may allow unauthorized read access to specific datasets, necessitating human interaction from a party other than the attacker to exploit successfully. Organizations utilizing this product should apply necessary patches and enhance security measures to mitigate potential risks associated with this vulnerability.",Oracle,Peoplesoft Enterprise Hcm Candidate Gateway,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-04-23T18:16:40.000Z,0
CVE-2018-3072,https://securityvulnerability.io/vulnerability/CVE-2018-3072,,Vulnerability in the PeopleSoft HRMS component of Oracle PeopleSoft Products (subcomponent: Candidate Gateway). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft HRMS. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft HRMS accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Peoplesoft Enterprise Hcm Candidate Gateway,5.3,MEDIUM,0.001129999989643693,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0