← Voltar para CVEs
CVE-2019-2565
N/ADescricao
Vulnerability in the JD Edwards World Technical Foundation component of Oracle JD Edwards Products (subcomponent: Service Enablement). Supported versions that are affected are A9.2, A9.3.1 and A9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards World Technical Foundation. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards World Technical Foundation accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado4/23/2019
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
oracle:jd_edwards_world_technical_foundation
Referencias
http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html(secalert_us@oracle.com)
http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.