CVE-2024-20957 in JD Edwards EnterpriseOne Toolsinfo

Zusammenfassung

von MITRE • 17.01.2024

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Package Build SEC). Supported versions that are affected are Prior to 9.2.8.1. Easily exploitable vulnerability allows high privileged attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Zuständig

Oracle

Reservieren

07.12.2023

Veröffentlichung

17.01.2024

Moderieren

akzeptiert

Eintrag

VDB-251249

CPE

bereit

EPSS

0.00471

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!