Unauthorized Access Vulnerability in JD Edwards EnterpriseOne Tools by Oracle
CVE-2026-46912
9.3CRITICAL
What is CVE-2026-46912?
A vulnerability exists in JD Edwards EnterpriseOne Tools that can be easily exploited by unauthenticated attackers through HTTP access. This issue affects versions 9.2.0.0 to 9.2.26.2, allowing potential attackers to gain unauthorized access to sensitive data connected to JD Edwards tools. Successful exploitation may lead to unauthorized updates, insertion, or deletion of data, representing a significant risk to organizations utilizing the platform. Given the interconnected nature of software systems, compromise of JD Edwards may also result in broader impacts on related applications and data security.
Affected Version(s)
JD Edwards EnterpriseOne Tools 9.2.0.0 <= 9.2.26.2