16 matches found
CVE-2025-21552
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. Supported versions that are affected are Prior to 9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD...
CVE-2024-21168
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. Supported versions that are affected are Prior to 9.2.8.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD...
CVE-2025-21552
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. Supported versions that are affected are Prior to 9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD...
Oracle JD Edwards Products 安全漏洞
Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle Corporation USA. The products provide application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD...
CVE-2024-21168
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. Supported versions that are affected are Prior to 9.2.8.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD...
CVE-2024-21168
CVE-2024-21168 affects Oracle JD Edwards JD Edwards EnterpriseOne Orchestrator (component: E1 IOT Orchestrator Security). Affected versions are prior to 9.2.8.3. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise the Orchestrator, leading to unauthorized...
Vulnerabilities fixed in Oracle JD Edwards
Vulnerabilities have been fixed in Oracle JD Edwards. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Oracle ha...
Vulnerabilities fixed in Oracle JD Edwards products
Oracle has fixed vulnerabilities in the following JD Edwards products: EnterpriseOne Orchestrator EnterpriseOne Tools A malicious party can exploit the vulnerabilities to cause the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root...
CVE-2022-21532
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21532
CVE-2022-21532 affects Oracle JD Edwards EnterpriseOne Orchestrator (component E1 IOT Orchestrator). Affected versions are 9.2.6.3 and prior. The vulnerability permits a low-privilege, network-accessible attacker over HTTP to read a subset of data from the Orchestrator due to an input/validation ...
CVE-2022-21532
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...
Vulnerabilities fixed in Oracle JD Edwards
Oracle has fixed vulnerabilities in JD Edwards EnterpriseOne Orchestrator and EnterpriseOne Tools. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication...
CVE-2021-2052
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. The supported version that is affected is Prior to 9.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise ...
Design/Logic Flaw
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. The supported version that is affected is Prior to 9.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise ...
CVE-2021-2052
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. The supported version that is affected is Prior to 9.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise ...
CVE-2021-2052
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. The supported version that is affected is Prior to 9.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise ...