Multiple vulnerabilities have been identified in Oracle products

Multiple vulnerabilities have been identified in Oracle products which could be exploited potentially by a malicious user to compromise affected systems.

How it can be Exploited
CVE-2023-21994: An unspecified vulnerability exists in Oracle Mobile Security Suite because a flaw occurs in the Android Mobile Authenticator App component.

CVE-2023-22014: An unspecified vulnerability exists in Oracle PeopleSoft Enterprise PeopleTools because a flaw occurs in the 'Portal' component.

Type
Vulnerability

Public Disclosure
18 July 2023

Affected Products
Oracle Mobile Security Suite Prior to v11.1.2.3.1
Oracle PeopleSoft Enterprise PeopleTools v8.59
Oracle PeopleSoft Enterprise PeopleTools v8.60

Impact
CVE-2023-21994: Easily exploitable vulnerability allows unauthenticated attackers access to the physical communication segment attached to the hardware where the Oracle Mobile Security Suite executes to compromise Oracle Mobile Security Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Mobile Security Suite accessible data.

CVE-2023-22014: Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools.

Action Required

For Security Advisories Services and further assistance, please don't hesitate to contact us:

Email: sales@r4im.com

Phone: 0529386413

We're here to help you stay secure and informed in the ever-changing landscape of cybersecurity.