NVD

Id
3862  
Name
CVE-2008-4000  
Description
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue allows bypass of the lockout mechanism using brute force guessing of credentials and a response discrepancy information leak when the password is correct.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-10-14  
Modified Date
2012-10-22  
Seq
2008-4000  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
24400 3862 CVE-2008-4000 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html  View
24401 3862 CVE-2008-4000 20081019 CVE-2008-4000: Oracle PeopleTools ? Authentication Weakness  View
24402 3862 CVE-2008-4000 1021055  View
24403 3862 CVE-2008-4000 ADV-2008-2825  View
24404 3862 CVE-2008-4000 oracle-peoplesoft-peopletools-unauth-access(45902)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
49533 JVNDB-2008-004843 Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne の PeopleTools コンポーネントには、機密性および完全性に影響を受ける脆弱性が存在します。 CVE-2008-4000 34113 CVE-2008-4000 3862 6.4 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-004843.html 2008-10-14 2012-09-25 View