Vulnerability Details : CVE-2013-5909
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Org and Workforce Dev.
Exploit prediction scoring system (EPSS) score for CVE-2013-5909
Probability of exploitation activity in the next 30 days: 0.19%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 55 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-5909
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:N |
6.8
|
4.9
|
NIST |
References for CVE-2013-5909
-
http://www.securitytracker.com/id/1029623
Oracle PeopleSoft Products Bugs Let Remote Users Partially Access and Modify Data and Partially Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Oracle Critical Patch Update - January 2014Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/64855
Oracle PeopleSoft Enterprise HRMS CVE-2013-5909 Remote Security VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/64758
RETIRED: Oracle January 2014 Critical Patch Update Multiple VulnerabilitiesThird Party Advisory;VDB Entry
Products affected by CVE-2013-5909
- cpe:2.3:a:oracle:peoplesoft_products:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_products:9.2:*:*:*:*:*:*:*