CVE-2022-21561 in JD Edwards EnterpriseOne Toolsinfo

Zusammenfassung

von MITRE • 20.07.2022

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

15.11.2021

Veröffentlichung

20.07.2022

Moderieren

akzeptiert

Eintrag

VDB-204434

CPE

bereit

EPSS

0.00679

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!