A dozen vulnerabilities, including three critical architectural issues, in PeopleSoft implementations were discussed this week at Hack in the Box conference in Amsterdam. ERPScan in Palo Alto, a firm specializing in SAP security, this week threw back the covers on a number of serious issues present in Oracle PeopleSoft. The most critical weakness was found in the token generation process for single sign-on, researcher Alexey Tyurin said. PeopleSoft has yet to patch this issue, but the researcher expects more ERP security research to emerge in the coming months.
Source: https://threatpost.com/peoplesoft-vulnerabilities-elevate-erp-security-issues/113061/