CyberSec.Space Logo
Back to CVE Browser

CVE-2020-2733

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1450%
EPSS Percentile37.01th
PublishedApr 15, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Affected Platforms (CPE)

📦
Oracle

Jd Edwards Enterpriseone Tools

= 9.2

References & Advisories

🔗 https://www.oracle.com/security-alerts/cpuapr2020.html
🔗 https://www.oracle.com/security-alerts/cpuapr2020.html

Related Vulnerabilities

CVE-2006-372410.0

Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact...

CVE-2016-04207.8

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote ...

CVE-2018-29447.5

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Monitoring and Diagnost...

CVE-2007-55327.5

Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47...