182 matches found
PT-2024-10264 · Oracle · Jd Edwards Enterpriseone Tools
Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: This issue allows an attacker with low privileges and network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks can result in the unauthorize...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for managing enterprise resources allows a perpetrator to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to read, modify, or delete data using the HTTP...
CVE-2024-21150
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.8.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2024-21150
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.8.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2024-21150
CVE-2024-21150 affects Oracle JD Edwards EnterpriseOne Tools (Web Runtime SEC) with versions prior to 9.2.8.2. The issue arises from insufficient input validation in the Web Runtime SEC component, allowing an unauthenticated attacker with network access via HTTP to compromise the tools, potential...
PT-2023-9320 · Oracle · Jd Edwards Enterpriseone Tools
Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.8.2 Description: The issue is related to insufficient input validation in the Web Runtime SEC component. It allows an unauthenticated attacker with network access via HTTP to compromise JD...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain read access to data and modify it.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves errors in processing input data. Exploiting this vulnerability can allow an attacker to gain read access to data and modify it...
CVE-2023-22055
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
Code injection
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
Oracle JD Edwards 安全漏洞
Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The product provides application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD Edwards' JD...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system, allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data...
CVE-2022-21630
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21630
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21630
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21629
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21629
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...
Code injection
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21630
CVE-2022-21630 affects Oracle JD Edwards EnterpriseOne Tools (Web Runtime SEC); affected versions are 9.2.6.4 and earlier. An unauthenticated attacker with network access via HTTP can compromise JD Edwards EnterpriseOne Tools, with successful exploits reportedly requiring user interaction. The vu...
The vulnerability of the Web Runtime component of the JD Edwards EnterpriseOne Tools system allows a perpetrator to gain access to read, modify, add, or delete data, or to cause partial service interruption.
The vulnerability of the Web Runtime component of the JD Edwards EnterpriseOne Tools system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or delete data, or cause a partial service...
The vulnerability of the Web Runtime component of the JD Edwards EnterpriseOne Tools system allows a hacker to disclose protected information.
The vulnerability of the Web Runtime component of the JD Edwards EnterpriseOne Tools system management resource application is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to disclose sensitive information...