HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-35279Published Modified CNA oracle

CVE-2026-35279: Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor)

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor). Supported versions that are affected are 8.61 and 8.62. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PT PeopleTools. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Metrics

CVSS v3.1
8.1
Severity
HIGH
Fixed in
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

An unspecified vulnerability in the Performance Monitor component of Oracle PeopleSoft Enterprise PT PeopleTools (versions 8.61 and 8.62) is reachable over HTTP from the network without any authentication. The CVSS vector indicates high attack complexity, meaning exploitation requires the attacker to meet specific environmental or timing conditions before the attack succeeds. Successful exploitation results in full takeover of the PeopleTools instance, affecting confidentiality, integrity, and availability. HarborGuard is tracking this advisory and will make a patched-image rebuild available the moment Oracle publishes a fix.

HarborGuard Coverage

Detection

Detection of CVE-2026-35279 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images derived from affected PeopleTools base layers. Any image found running PeopleSoft Enterprise PT PeopleTools 8.61 or 8.62 is flagged automatically.

Available
Triage

HarborGuard scores this CVE at CVSS 8.1 (HIGH) and surfaces it accordingly in each customer's compliance-weighted issue queue, taking into account the environment's defined risk thresholds and policy rules. Routing to the appropriate team inbox within each customer organization is handled automatically based on image ownership and policy configuration.

Available
Patch

No fix version has been published by Oracle for this CVE. HarborGuard re-evaluates the advisory on every ingest cycle and will make a patched-image rebuild available automatically once Oracle ships an upstream fix. For customers with auto-remediation enabled, that rebuild will trigger a regression test run and a PR opened against affected workloads without manual intervention.

Pending upstream

Exploit Conditions

  • Network reachabilityRequired

    The attacker must reach the PeopleTools Performance Monitor service over the network via HTTP; no local or physical access is required.

  • AuthenticationNot required

    No credentials or prior account access are needed; the attack is available to any unauthenticated party with network access.

  • Victim interactionNot required

    No user interaction is required; the attacker does not need to trick or involve any human on the target system.

  • Attack complexityDetail

    Attack complexity is rated High, meaning the attacker must satisfy specific environmental conditions or timing constraints beyond simple connectivity before exploitation succeeds.

Blast Radius

  • A successful attacker reads all data accessible to the PeopleTools application, including HR records, financials, and session tokens stored within the instance.
  • A successful attacker modifies or destroys data persisted by PeopleTools, including business process configurations, user records, and audit logs.
  • A successful attacker crashes or permanently disrupts the PeopleTools service, making it unavailable to all users.
  • Because the impact is rated as full takeover, a successful attacker gains the ability to pivot from the compromised PeopleTools instance to other systems it communicates with.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-35279 is active and will flag any scanned image running PeopleSoft Enterprise PT PeopleTools 8.61 or 8.62. Because Oracle has not yet published a fix, no patched-image rebuild is available at this time. HarborGuard will re-check the advisory on every ingest cycle and will surface a rebuild automatically the moment Oracle ships a corrective patch; customers with auto-remediation enabled will receive a rebuilt image, a regression-test run, and a PR opened against affected workloads without manual steps. In the interim, compensating controls worth considering include network-policy isolation that restricts HTTP access to the Performance Monitor component to known internal IP ranges, egress filtering to limit lateral movement from the PeopleTools host, and review of whether the Performance Monitor endpoint can be disabled or gated behind a reverse proxy requiring authentication until an official patch is available.

See how HarborGuard automates this
Affected packages
  • Oracle Corporation / PeopleSoft Enterprise PT PeopleTools
    8.61 · 8.62
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References