Oracle Jd Edwards 漏洞

时间轴

去年

版本

9.252
9.2.227
9.2.025
9.2.125
9.2.325

修正

Official Fix173
Temporary Fix0
Workaround0
Unavailable0
Not Defined9

易受攻击性

High2
Functional0
Proof-of-Concept5
Unproven2
Not Defined173

访问向量

Not Defined0
Physical0
Local11
Adjacent0
Network171

身份验证

Not Defined0
High3
Low36
None143

用户交互

Not Defined0
Required38
None144

C3BM Index

去年

CVSSv3 Base

≤10
≤20
≤32
≤44
≤519
≤626
≤743
≤840
≤910
≤1038

CVSSv3 Temp

≤10
≤20
≤32
≤44
≤520
≤650
≤723
≤841
≤94
≤1038

VulDB

≤10
≤20
≤32
≤44
≤519
≤628
≤737
≤839
≤914
≤1039

NVD

≤10
≤20
≤30
≤43
≤53
≤617
≤731
≤831
≤95
≤1040

CNA

≤10
≤20
≤31
≤41
≤53
≤64
≤75
≤82
≤94
≤100

供应商

≤10
≤20
≤30
≤42
≤53
≤66
≤715
≤87
≤96
≤1021

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k0
<2k0
<5k5
<10k47
<25k82
<50k10
<100k32
≥100k6

本日攻击

<1k100
<2k25
<5k16
<10k5
<25k32
<50k4
<100k0
≥100k0

攻击市场容量

去年

🔴 CTI 活动

Affected Versions (33): 4.0.1, 8.9, 8.50.07, 8.96.i1, 8.98, 8.98 SP 24, 9.0, 9.1, 9.1.5, 9.2, 9.2.0.5, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.5.1, 9.2.5.2, 9.2.5.3, 9.2.6, 9.2.6.1, 9.2.6.2, 9.2.6.3, 9.2.6.4, 9.2.7, 24, A9.1, A9.2, A9.3, A9.3.1, A9.4, Prior to 9.2.8, Prior to 9.2.8.1

Link to Product Website: https://www.oracle.com

软件类型: Enterprise Resource Planning Software

已发布BaseTemp漏洞0day今天修正CTICVE
2024-01-162.72.6Oracle JD Edwards EnterpriseOne Tools Package Build SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-20957
2024-01-162.72.6Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-20905
2024-01-164.34.1Oracle JD Edwards EnterpriseOne Tools Monitoring/Diagnostics SEC 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-20937
2024-01-166.56.3Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-2650
2024-01-167.57.3Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2022-3479
2024-01-166.46.3Oracle JD Edwards EnterpriseOne Tools One-Click Provisioning 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-28756
2024-01-167.06.9Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator Security 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-1436
2024-01-169.89.6Oracle JD Edwards EnterpriseOne Tools Interactive Engine SEC 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.02CVE-2022-37434
2024-01-169.89.6Oracle JD Edwards EnterpriseOne Tools One-Click Provisioning Remote Code Execution$25k-$100k$5k-$25kNot DefinedOfficial Fix0.02CVE-2023-32002
2023-10-175.35.2Oracle JD Edwards EnterpriseOne Tools Deployment SEC 未知漏洞$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2020-13956
2023-07-185.45.3Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator Security 未知漏洞$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-22050
2023-07-186.15.9Oracle JD Edwards EnterpriseOne Tools Web Runtime SEC 未知漏洞$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-22055
2023-07-188.17.9Oracle JD Edwards EnterpriseOne Tools E1 Dev Platform Tech 权限升级$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-43548
2023-07-189.39.2Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator Security 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.00CVE-2022-1471
2023-04-183.33.2Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator Security 信息公开$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-8908
2023-04-184.34.2Oracle JD Edwards EnterpriseOne Tools Interoperability SEC 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-21927
2023-04-185.45.3Oracle JD Edwards EnterpriseOne Tools Web Runtime SEC 未知漏洞$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-21936
2023-04-185.55.4Oracle JD Edwards EnterpriseOne Tools Deployment SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-36373
2023-04-185.15.1Oracle JD Edwards EnterpriseOne Tools Business Logic Infra SEC 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-15250
2023-04-186.56.3Oracle JD Edwards EnterpriseOne Tools Interoperability SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-41973
2023-04-186.56.3Oracle JD Edwards EnterpriseOne Tools Interoperability SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-30129
2023-04-187.57.3Oracle JD Edwards EnterpriseOne Tools Web Runtime SEC 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-42003
2023-04-187.57.2Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator Security 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-25857
2023-04-188.17.9Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure 内存损坏$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2018-1311
2023-04-188.28.0Oracle JD Edwards EnterpriseOne Tools E1 Dev Platform Tech - Cloud Manager 未知漏洞$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-21824

157 更多条目未显示

更多条目由 Oracle

Do you know our Splunk app?

Download it now for free!