Security Vulnerability in JD Edwards EnterpriseOne Technology by Oracle
CVE-2015-0475

Currently unrated

Key Information:

Vendor: Oracle
Status: Jd Edwards Products
Vendor: CVE Published:; 16 April 2015

Summary

An unspecified security vulnerability exists within the JD Edwards EnterpriseOne Technology component of Oracle JD Edwards Products 9.1. This flaw potentially allows remote authenticated users to compromise the confidentiality of the system through unknown methods associated with Web Runtime Security, thereby putting sensitive data at risk. Organizations utilizing the affected versions should take immediate action to mitigate any potential exploitation of this vulnerability.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1032126

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 16, 2015
Vulnerability Reserved
Dec 17, 2014