CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-2944

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile36.24th
Published2018年7月18日
Last Modified2024年11月21日

Vulnerability Description

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected Platforms (CPE)

📦
Oracle

Jd Edwards Enterpriseone Tools

= 9.2

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
🔗 http://www.securityfocus.com/bid/104789
🔗 http://www.securitytracker.com/id/1041305
🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
🔗 http://www.securityfocus.com/bid/104789
🔗 http://www.securitytracker.com/id/1041305

相關漏洞威脅

CVE-2006-372410.0

Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact...

CVE-2020-27339.8

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supp...

CVE-2016-04207.8

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote ...

CVE-2007-55327.5

Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47...