Unauthenticated Network Vulnerability in JD Edwards EnterpriseOne Tools by Oracle
CVE-2026-46904
9.8CRITICAL
What is CVE-2026-46904?
A significant vulnerability has been identified in the JD Edwards EnterpriseOne Tools product from Oracle, particularly affecting versions 9.2.0.0 through 9.2.26.2. This vulnerability allows unauthenticated attackers with network access via JDENET to compromise the system. If successfully exploited, it can lead to a complete takeover of JD Edwards EnterpriseOne Tools, posing severe risks to confidentiality, integrity, and availability. Organizations using the affected versions are urged to take immediate action to mitigate potential threats and safeguard their systems.
Affected Version(s)
JD Edwards EnterpriseOne Tools 9.2.0.0 <= 9.2.26.2