Skip to main content

Peoplesoft Enterprise Cs Campus Community

6 CVEs product

Monthly

CVE-2026-46979 MEDIUM This Month

Unauthorized data access and manipulation in Oracle PeopleSoft Enterprise CS Campus Community 9.2.38 allows a high-privileged attacker to read, create, modify, or delete all data within the Campus Community system via HTTPS. The flaw resides in the Integration and Interfaces component, where insufficient authorization controls permit elevated but unintended operations beyond a user's legitimate role scope. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog at time of analysis; however, the complete Confidentiality and Integrity impact on student and institutional data makes patching a priority for higher education organizations.

Authentication Bypass Oracle Peoplesoft Enterprise Cs Campus Community
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2026-46851 HIGH This Week

Remote takeover of Oracle PeopleSoft Enterprise CS Campus Community 9.2.38 is possible via the Security component, where an unauthenticated attacker reaching the application over HTTP can fully compromise confidentiality, integrity, and availability. Oracle scores this 8.1 with high attack complexity, indicating non-trivial preconditions rather than a trivial mass-exploit primitive. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Oracle Peoplesoft Enterprise Cs Campus Community RCE Code Injection
NVD VulDB
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-35606 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Notification Framework). Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
CVSS 3.1
5.7
EPSS
0.5%
CVE-2021-2421 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Integration and Interfaces). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-2912 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Self-Service). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
CVSS 3.1
5.0
EPSS
0.9%
CVE-2017-3577 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cs Campus Community
NVD
CVSS 3.0
6.5
EPSS
0.5%
EPSS 0% CVSS 6.5
MEDIUM This Month

Unauthorized data access and manipulation in Oracle PeopleSoft Enterprise CS Campus Community 9.2.38 allows a high-privileged attacker to read, create, modify, or delete all data within the Campus Community system via HTTPS. The flaw resides in the Integration and Interfaces component, where insufficient authorization controls permit elevated but unintended operations beyond a user's legitimate role scope. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog at time of analysis; however, the complete Confidentiality and Integrity impact on student and institutional data makes patching a priority for higher education organizations.

Authentication Bypass Oracle Peoplesoft Enterprise Cs Campus Community
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Remote takeover of Oracle PeopleSoft Enterprise CS Campus Community 9.2.38 is possible via the Security component, where an unauthenticated attacker reaching the application over HTTP can fully compromise confidentiality, integrity, and availability. Oracle scores this 8.1 with high attack complexity, indicating non-trivial preconditions rather than a trivial mass-exploit primitive. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Oracle Peoplesoft Enterprise Cs Campus Community RCE +1
NVD VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Notification Framework). Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Integration and Interfaces). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Self-Service). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cs Campus Community
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy