VDB

GCVE-110-NCSC-2024-302

GCVE-110-NCSC-2024-302
Advisory PublishedCVSS 7.8/10
Vulnetix · Advisory published July 17, 2024
Er zijn kwetsbaarheden verholpen in Oracle JD Edwards.

Weaknesses (CWE)

CWE-404Improper Resource Shutdown or ReleaseCWE-328Use of Weak HashCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-24Path Traversal: '../filedir'CWE-354Improper Validation of Integrity Check Value

Risk Scores

CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
oraclejd_edwards_world_security
oracle_corporationjd_edwards_enterpriseone_orchestrator
oraclejd_edwards_enterpriseone_tools
oraclejd_edwards_enterpriseone_orchestrator
oracle_corporationjd_edwards_enterpriseone_tools

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›