Vulnerabilities > CVE-2016-0420 - Remote Security vulnerability in Oracle JD Edwards products 9.1/9.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via unknown vectors related to Monitoring and Diagnostics.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html
- http://seclists.org/fulldisclosure/2016/Aug/126
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.securitytracker.com/id/1034722
- https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user