VDB
GCVE-110-NCSC-2024-302
GCVE-110-NCSC-2024-302
Advisory PublishedCVSS 7.8/10
Er zijn kwetsbaarheden verholpen in Oracle JD Edwards.
Weaknesses (CWE)
CWE-404Improper Resource Shutdown or ReleaseCWE-328Use of Weak HashCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-24Path Traversal: '../filedir'CWE-354Improper Validation of Integrity Check Value
Risk Scores
CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| oracle | jd_edwards_world_security | — | — |
| oracle_corporation | jd_edwards_enterpriseone_orchestrator | — | — |
| oracle | jd_edwards_enterpriseone_tools | — | — |
| oracle | jd_edwards_enterpriseone_orchestrator | — | — |
| oracle_corporation | jd_edwards_enterpriseone_tools | — | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.