1. Home
  2. CVE Database
  3. CVE-2016-0680
MEDIUM · 5.4

CVE-2016-0680

Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors rel...

Vulnerability Description

Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Services Procurement.

CVSS Score

5.4

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
OraclePeoplesoft Supply Chain Management Eprocurement9.1

References

FAQ

What is CVE-2016-0680?

CVE-2016-0680 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors rel...

How severe is CVE-2016-0680?

CVE-2016-0680 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-0680?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Peoplesoft Supply Chain Management Eprocurement.