CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-2733

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1450%
EPSS Percentile37.01th
Published2020年4月15日
Last Modified2024年11月21日

Vulnerability Description

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Affected Platforms (CPE)

📦
Oracle

Jd Edwards Enterpriseone Tools

= 9.2

References & Advisories

🔗 https://www.oracle.com/security-alerts/cpuapr2020.html
🔗 https://www.oracle.com/security-alerts/cpuapr2020.html

相關漏洞威脅

CVE-2006-372410.0

Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact...

CVE-2016-04207.8

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote ...

CVE-2018-29447.5

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Monitoring and Diagnost...

CVE-2007-55327.5

Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47...