EAS-SEC. Oracle PeopleSoft security configuration. Part 9: Insecure trusted...
Various solutions may be used to create intersystem business processes. The trusted relationships or Single Sign-on (SSO) between PeopleSoft systems allow minimizing the authentication requirements. If...
View ArticleClik here to view.
EAS-SEC. Oracle PeopleSoft Security Configuration. Part 10: Logging of...
One of the most important aspects to ensure the PeopleSoft security is security event logging in place. In case of an incident (which is likely to happen since there are plenty of settings and it is...
View ArticleClik here to view.
JOLTandBLEED Details and PoC
On November 15, 2017, Oracle published urgent critical updates related to JOLTandBLEED vulnerability (CVE 2017-10269). Today we released its proof of concept. As you remember, this vulnerability...
View ArticleClik here to view.
Analyzing Oracle Security – Oracle Critical Patch Update January 2018
Today Oracle has released its quarterly patch update for January 2018. It fixes a total of 237 vulnerabilities. The main highlights are as follows: The current CPU contains 153 vulnerabilities in...
View Article[ERPSCAN-18-001] Information Disclosure in PeopleSoft Listening Connector
Application: Oracle PeopleSoft Versions Affected: Oracle PeopleTools 8.54 – 8.56 Vendor: Oracle Bugs: Information Disclosure Reported: 15.06.2017 Vendor response: 16.06.2017 Date of Public Advisory:...
View ArticleClik here to view.
Analyzing Oracle Security – Oracle Critical Patch Update for October 2018
Today Oracle has released its quarterly patch update for October 2018. It fixes 301 vulnerabilities. The main highlights are as follows: Oracle closed 1119 issues in 2018 in total that is the same as...
View Article