Unrated severityNVD Advisory· Published Feb 8, 2006· Updated Apr 16, 2026

CVE-2006-0584

Description

The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings.

Affected products

Oracle Corporation/Peopletools7 versions
cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.40:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.41:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.42:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.43:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.45.5:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.46.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000