CVE-2008-4007

critical

Description

Unspecified vulnerability in the PeopleSoft Enterprise Components component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

References

http://www.vupen.com/english/advisories/2009/0115

http://www.securitytracker.com/id?1021570

http://www.securityfocus.com/bid/33177

http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html

http://secunia.com/advisories/33525

Details

Source: Mitre, NVD

Published: 2009-01-14

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00599