{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T18:55:48.769","vulnerabilities":[{"cve":{"id":"CVE-2017-3502","sourceIdentifier":"secalert_us@oracle.com","published":"2017-04-24T19:59:02.877","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the PeopleSoft Enterprise FIN Receivables component of Oracle PeopleSoft Products (subcomponent: Receivables). The supported version that is affected is 9.2. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Receivables. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise FIN Receivables accessible data. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)."},{"lang":"es","value":"Vulnerabilidad en el componente PeopleSoft Enterprise FIN Receivables de Oracle PeopleSoft Products (subcomponente: Receivables). La versión soportada afectada es 9.2. Vulnerabilidad fácil explotable permite a un atacante autenticado con acceso a la red a través de HTTP comprometer a PeopleSoft Enterprise FIN Receivables. Los ataques exitosos de esta vulnerabilidad pueden provocar la actualización, inserción o eliminación de acceso no autorizados a algunos de los datos accesibles de PeopleSoft Enterprise FIN Receivables. CVSS 3.0 Base Score 5.3 (Integrity impacts). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:peoplesoft_enterprise_fin_receivables:9.2:*:*:*:*:*:*:*","matchCriteriaId":"94D16F65-CAFD-4672-B8EE-12B710740771"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97897","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038301","source":"secalert_us@oracle.com"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97897","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038301","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}