CVE-2010-3533
Description
Unspecified vulnerability in the PeopleSoft Enterprise SCM OM and CRM Order Capture component in Oracle PeopleSoft and JDEdwards Suite 8.9, 9.0, and 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Remote authenticated users can affect confidentiality and integrity of PeopleSoft SCM OM and CRM Order Capture in versions 8.9, 9.0, 9.1.
Vulnerability
An unspecified vulnerability exists in the PeopleSoft Enterprise SCM OM and CRM Order Capture component of Oracle PeopleSoft and JDEdwards Suite. The flaw affects versions 8.9, 9.0, and 9.1 [1]. The exact nature of the bug is not disclosed by Oracle, but it can be exploited by remote authenticated users without requiring additional privileges beyond standard authentication.
Exploitation
An attacker must have valid user credentials to the affected PeopleSoft application. The vulnerability is remotely exploitable over a network without requiring physical access [1]. Specific exploitation steps are not publicly detailed, but the attack vector likely involves sending crafted input or requests to the Order Capture module.
Impact
Successful exploitation allows a remote authenticated user to compromise the confidentiality and integrity of the system [1]. The attacker could potentially read sensitive data or modify information processed by the Order Capture component, though the specific scope and privilege level are not further described in available references.
Mitigation
Oracle addressed this vulnerability in the Critical Patch Update released in October 2010 [1]. Administrators should apply the relevant patch from Oracle as soon as possible for PeopleSoft Enterprise SCM OM and CRM Order Capture versions 8.9, 9.0, and 9.1. No workarounds are documented in the references. The CVE is not listed on CISA's Known Exploited Vulnerabilities Catalog as of this writing.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:9.1:*:*:*:*:*:*:*
- Range: 8.9, 9.0, 9.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.us-cert.gov/cas/techalerts/TA10-287A.htmlnvdUS Government Resource
- www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlnvd
News mentions
0No linked articles in our index yet.