CVE-2017-3548

MEDIUM

Oracle PeopleSoft Products <8.56 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-3548. PoCs published by Charles Fol, ERPScan.

AI-analyzed exploit summary This exploit leverages an XXE vulnerability in Oracle PeopleSoft to achieve remote code execution by deploying a malicious service via Axis and executing arbitrary commands through a JSP payload.

Description

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).

Exploits (2)

exploitdb WORKING POC

by Charles Fol · pythonwebappsjava

https://www.exploit-db.com/exploits/43114

View Code ZIP pw:eip

This exploit leverages an XXE vulnerability in Oracle PeopleSoft to achieve remote code execution by deploying a malicious service via Axis and executing arbitrary commands through a JSP payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Oracle PeopleSoft (multiple versions, including those using PeopleTools)

No auth needed

Prerequisites: Network access to the target PeopleSoft instance · Vulnerable XXE endpoint at /PSIGW/HttpListeningConnector

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1205 - Traffic Signaling T1220 - XSL Script Processing

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP

by ERPScan · textwebappsxml

https://www.exploit-db.com/exploits/41925

View Code ZIP pw:eip

This is a writeup describing an XXE vulnerability in Oracle PeopleSoft HCM 9.2 on PeopleTools 8.55. The vulnerability allows an attacker to send specially crafted XML requests to access the OS file system.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Oracle PeopleSoft HCM 9.2 on PeopleTools 8.55

No auth needed

Prerequisites: Network access to the target system

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/41925/

Patch, Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1038301

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/97880

Third Party Advisory x_refsource_misc

https://erpscan.io/advisories/erpscan-17-020-xxe-via-doctype-peoplesoft/

Scores

CVSS v3 6.5

EPSS 0.1581

EPSS Percentile 96.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-611

Status published

Products (4)

oracle/peoplesoft_enterprise_peopletools 8.54

oracle/peoplesoft_enterprise_peopletools 8.55

Oracle Corporation/PeopleSoft Enterprise PT PeopleTools 8.54

Oracle Corporation/PeopleSoft Enterprise PT PeopleTools 8.55

Published Apr 24, 2017

Tracked Since Feb 18, 2026