Vulnerability CVE-2015-4919

Vulnerability CVE-2015-4919

Published: 2016-01-20 Modified: 2016-01-21

Description:

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Monitoring and Diagnostics SEC.

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Oracle -> Jd edwards products

References:

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.securitytracker.com/id/1034722

Copyright 2024, cxsecurity.com