Vulnerabilities > CVE-2016-0423 - Remote Security vulnerability in Oracle JD Edwards products 9.1/9.2
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
PARTIAL Summary
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Enterprise Infrastructure SEC.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://packetstormsecurity.com/files/138512/JD-Edwards-9.1-EnterpriseOne-Server-JDENET-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2016/Aug/128
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.securitytracker.com/id/1034722
- https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-end-file-dos