Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Critical PeopleSoft JOLTANDBLEED Vulnerability CVE-2017-10269

Thomas D\'Andrea

If you use PeopleSoft please read this from Oracle regarding the Jolt server within Tuxedo. This is a critical issue with a maximum CVSS score of 10.0 and may be exploited over a network without the need for a valid username and password.

http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10269-4021872.html

This was released 2 days ago so it is possible these scripts have been running live on the internet scraping for information. If you have a public facing interface, I think it's even more important to perform an immediate risk analysis and consider taking it down.

To see how easy it is to grab usernames and passwords you can see the process automated in a few lines here, with a demo login subsequently exemplified using the server response. The programmer could scrape the information now and just come back later with the username and password.

https://erpscan.com/press-center/blog/peoplesoft-joltandbleed/

Thanks,

Thomas D'Andrea

1 Posts
272 Views