CyberSec.Space Logo
Back to CVE Browser

CVE-2018-2944

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile36.24th
PublishedJul 18, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected Platforms (CPE)

πŸ“¦
Oracle

Jd Edwards Enterpriseone Tools

= 9.2

References & Advisories

πŸ”— http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
πŸ”— http://www.securityfocus.com/bid/104789
πŸ”— http://www.securitytracker.com/id/1041305
πŸ”— http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
πŸ”— http://www.securityfocus.com/bid/104789
πŸ”— http://www.securitytracker.com/id/1041305

Related Vulnerabilities

CVE-2006-372410.0

Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact...

CVE-2020-27339.8

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supp...

CVE-2016-04207.8

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote ...

CVE-2007-55327.5

Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47...