CVE-2016-0423

Severity

73%

Complexity

49%

Confidentiality

158%

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Enterprise Infrastructure SEC.

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Enterprise Infrastructure SEC.

CVSS 2.0 Base Score 7.3. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:P).

Overview

Type

Oracle JD Edwards Products

First reported 9 years ago

2016-01-21 02:59:00

Last updated 7 years ago

2018-02-20 02:29:00

Affected Software

Oracle JD Edwards Products 9.1

9.1

Oracle JD Edwards Products 9.2

9.2

References

http://packetstormsecurity.com/files/138512/JD-Edwards-9.1-EnterpriseOne-Server-JDENET-Denial-Of-Service.html

20160825 Onapsis Security Advisory ONAPSIS-2016-014: JD Edwards JDENET function DoS

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Vendor Advisory

1034722

https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-end-file-dos

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.