Code injection

2016-01-2102:59:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Enterprise Infrastructure SEC.

CPENameOperatorVersion
jd_edwards_productseq9.2
jd_edwards_productseq9.1

CPE	Name	Operator	Version
	jd_edwards_products	eq	9.2
	jd_edwards_products	eq	9.1

References

packetstormsecurity.com/files/138512/JD-Edwards-9.1-EnterpriseOne-Server-JDENET-Denial-Of-Service.html

seclists.org/fulldisclosure/2016/Aug/128

www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

www.securitytracker.com/id/1034722

www.onapsis.com/research/security-advisories/jd-edwards-jdenet-end-file-dos