Vulnerabilities > CVE-2016-0422 - Remote Security vulnerability in Oracle JD Edwards products 9.1/9.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE network
oracle
Summary
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0424.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://packetstormsecurity.com/files/138507/JD-Edwards-9.1-EnterpriseOne-Server-JDENet-Password-Disclosure.html
- http://seclists.org/fulldisclosure/2016/Aug/124
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.securitytracker.com/id/1034722
- https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-password-disclosure