Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2003-0628

CVE information

Published

18 years ago

Last Modified

6 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value..

CVSSv2.0 Score

Severity
Medium
Base Score
5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
Partial
Availability Impact
None
Integrity Impact
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:peoplesoft:peopletools:8.15:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.19:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.42:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.43:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.12:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.10:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.17:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.41:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.16:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.11:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.18:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.13:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.20:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.14:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:peoplesoft:peopletools:8.40:*:*:*:*:*:*:*
  Yes
- -