Unrated severityNVD Advisory· Published Oct 14, 2010· Updated Apr 29, 2026

CVE-2010-3525

Description

Unspecified vulnerability in the (1) PeopleSoft Enterprise FMS, (2) SCM, (3) EPM, (4) CRM, and (5) Campus Solutions components in Oracle PeopleSoft and JDEdwards Suite 8.9, 9.0, and 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Oracle PeopleSoft and JDEdwards Suite 8.9/9.0/9.1 contain an unspecified vulnerability allowing remote authenticated users to affect confidentiality and integrity.

Vulnerability

This unspecified vulnerability exists in multiple PeopleSoft and JDEdwards Suite components: PeopleSoft Enterprise FMS, SCM, EPM, CRM, and Campus Solutions, as well as JDEdwards Suite, in versions 8.9, 9.0, and 9.1 [1]. The exact nature of the bug within these components is not disclosed by the vendor.

Exploitation

A remote attacker with valid authentication to an affected PeopleSoft or JDEdwards instance can exploit this vulnerability via unknown vectors. No further details are provided in the available references regarding the sequence of steps or specific conditions required beyond authenticated access [1].

Impact

Successful exploitation could lead to unauthorized disclosure of information and/or unauthorized modification of data, affecting both confidentiality and integrity of the affected system. The impact on availability is not mentioned in the sources [1].

Mitigation

Oracle released a Critical Patch Update (CPU) in October 2010 to address this vulnerability. The fix is included in the Oracle Critical Patch Update Advisory - October 2010 [1]. Customers should apply the relevant patches provided by Oracle for their specific PeopleSoft or JDEdwards Suite version.

References

Oracle Updates for Multiple Vulnerabilities | CISA

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Oracle Corporation/Peoplesoft And Jdedwards Product Suite3 versions
cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:9.1:*:*:*:*:*:*:*
Oracle Corporation/Peoplesoft Enterprise Scmllm-fuzzy
Range: 8.9, 9.0, 9.1
Oracle Corporation/Peoplesoft Enterprise Fmsllm-fuzzy
Range: 8.9, 9.0, 9.1
Oracle Corporation/Peoplesoft Enterprisellm-fuzzy
Range: 8.9, 9.0, 9.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/cas/techalerts/TA10-287A.htmlnvdUS Government Resource
www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000