430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Oracle PeopleSoft admin credentials open to hackers

SAP Security experts discovered a number of unpatched vulnerabilities and weaknesses in Oracle PeopleSoft that could be exploited to obtain admin passwords. The SAP security experts, Alexander Polyakov and Alexey Tyurin, revealed that Oracle PeopleSoft contains unpatched vulnerabilities and weaknesses that could be exploited by attackers to obtain admin passwords. The impact of such vulnerabilities […]

Oracle PeopleSoft admin credentials open to hackers

SAP Security experts discovered a number of unpatched vulnerabilities and weaknesses in Oracle PeopleSoft that could be exploited to obtain admin passwords.

The SAP security experts, Alexander Polyakov and Alexey Tyurin, revealed that Oracle PeopleSoft contains unpatched vulnerabilities and weaknesses that could be exploited by attackers to obtain admin passwords. The impact of such vulnerabilities is serious, more than 7000 companies use PeopleSoft solutions according the experts that highlighted that about half of the Fortune 100 are among the customers of the company.unpatched vulnerabilities and weaknesses that could be exploited by attackers to obtain admin passwords. The impact of such vulnerabilities is serious, more than 7000 companies use PeopleSoft solutions according the experts that highlighted that about half of the Fortune 100 are among the customers of the company.

The hackers discovered that PeopleSoft encrypted credential can be extracted from the TokenID used by the password recovery sites, anyway broke the encryption used to protect them is quite easy by using a cheap graphical processing unit.

peoplesoft

Oracle admitted the existence of the bug only in its demo system excluding any problem in production systems, but the experts explained that the flaws affects also a number of PeopleSoft production implementations.

“There are multiple default credentials in PeopleSoft itself and Weblogic Application server,” Polyakov says. “While Oracle telling us that this problem is only for a demo system, we disagree as we saw production implementations during our penetration tests where those default passwords exist.” “Not every implementation is vulnerable, but some of them definitely vulnerable, and those are not only demo installations.”

An attacker could obtain administrator privileges by brute-forcing the special node-password which uses SHA1.

“What’s more, attackers in some cases don’t need to have a user account to get a cookie-token since some public web pages such as password recovery or job forms pages generate tokens automatically forms,” he says.

Some PeopleSoft installations use standard default settings, really too easy for attackers!

“The only way now is set very strong password for the node, or change it to certificate authentication instead of password authentication. Those changes will require some configuration especially if customer use multiple nodes, and of course they will need to turn off systems for some time to reconfigure it,” he says.

Another disconcerting aspect of the vulnerabilities affecting the PeopleSoft solutions is that they could be exploited in order to hack connected applications

Tyurin remarked the poor state of security for PeopleSoft solutions and explained the importance to have people involved in vulnerability assessment and penetration testing to evaluate the level of security for the applications.

“While cyber criminals are exploiting existing security flaws, companies don’t know the methodology for testing their PeopleSoft applications against vulnerabilities, especially architectural ones,” Tyurin says.

Pierluigi Paganini

(Security Affairs – PeopleSoft , security)