Vulnerability Details : CVE-2014-4226
Unspecified vulnerability in the PeopleSoft Enterprise FIN Install component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Exploit prediction scoring system (EPSS) score for CVE-2014-4226
Probability of exploitation activity in the next 30 days: 1.18%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-4226
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
References for CVE-2014-4226
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://www.securityfocus.com/bid/68585
Oracle PeopleSoft Enterprise FIN Install CVE-2014-4226 Remote Security Vulnerability
-
http://www.securitytracker.com/id/1030586
Oracle PeopleSoft Products Multiple Bugs Let Remote Users Partially Deny Service and Remote Authenticated Users Partially Access and Modify Data - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94579
Oracle PeopleSoft Enterprise FIN Install Install unspecified CVE-2014-4226 Vulnerability Report
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
Products affected by CVE-2014-4226
- cpe:2.3:a:oracle:peoplesoft_products:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_products:9.2:*:*:*:*:*:*:*