CVE-2016-0591 : Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.

Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Supplier Change.

Published 2016-01-21 03:02:20

Updated 2016-06-09 18:17:14

Source Oracle

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-0591

Probability of exploitation activity in the next 30 days: 0.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 35 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-0591

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:N	8.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2016-0591

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Oracle Critical Patch Update - January 2016
Patch;Vendor Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1034720

Oracle PeopleSoft Product Flaws Let Remote Users Access and Modify Data - SecurityTracker

CVEs referencing this url

Products affected by CVE-2016-0591

Oracle » Peoplesoft Supply Chain Management Purchasing » Version: 9.1
cpe:2.3:a:oracle:peoplesoft_supply_chain_management_purchasing:9.1:*:*:*:*:*:*:*
Matching versions
Oracle » Peoplesoft Supply Chain Management Purchasing » Version: 9.2
cpe:2.3:a:oracle:peoplesoft_supply_chain_management_purchasing:9.2:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-0591

Exploit prediction scoring system (EPSS) score for CVE-2016-0591

CVSS scores for CVE-2016-0591

References for CVE-2016-0591

Products affected by CVE-2016-0591