Recently Oracle has delivered Critical Patch Update. Universities should care
PeopleSoft is an industry software product line owned by Oracle that provides large-scale enterprises including those in the education sector with an integrated Enterprise Resource Planning (ERP) software package supporting and automating daily business processes.
PeopleSoft systems are used by various departments of educational institutions. These applications are PeopleSoft Campus Solutions, Human Resource Management Systems (HRMS), Customer Relationship Management (CRM), Financials, and Enterprise Performance Management (EPM).
Since hackers continuously try to exploit security vulnerabilities existing in the product, the database giant releases the Critical Patch Update (CPU).
In the first quarter of 2019, Oracle published CPU with 7% of patches addressing PeopleSoft.
In January, the vendor delivers 20 fixes for PeopleSoft. 15 of these flaws are remotely exploitable. One patch got high Common Vulnerability Scoring System (CVSS) score of 8.8.
EdGuards gives this PeopleSoft update collection a rate of 6.2 for January 2019. The index is an average score of patch updates. The rate for this PeopleSoft patch update is higher than in October 2018, which was 5.9. Therefore, this CPU contains more critical flaws.
PeopleSoft manages a wide range of business processes and stores key data, and a successful attack against PeopleSoft allows a cyber attacker to steal, modify or manipulate different business-critical information, depending on modules installed in an organization.
Oracle recommends its customers to install updates right after Oracle’s release and do not delay this process.
The next Oracle CPU is scheduled for April 16, 2019.
The post Education Sector: PeopleSoft Critical Patch Update January 2019 appeared first on EdGuards – Security for Education.
*** This is a Security Bloggers Network syndicated blog from EdGuards – Security for Education authored by edguards. Read the original post at: https://edguards.com/pr/articles/education-sector-peoplesoft-critical-patch-update-january-2019/