Volerion logoVolerion
Volerion logoVolerion

Oracle JD Edwards EnterpriseOne Tools Design Tools Security Vulnerability Allowing Unauthorized Data Access

Vulnerability

A vulnerability exists in the JD Edwards EnterpriseOne Tools product, specifically within the Design Tools component, for versions prior to 9.2.9.0. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the affected tools. Exploitation of this vulnerability requires human interaction from a person other than the attacker. While the issue is contained within JD Edwards EnterpriseOne Tools, successful attacks could significantly impact additional products, leading to a scope change. The vulnerability allows unauthorized update, insert, or delete access to some accessible data within JD Edwards EnterpriseOne Tools, as well as unauthorized read access to a subset of that data.

Impact

Successful exploitation can result in unauthorized modifications or deletions of accessible data within JD Edwards EnterpriseOne Tools, along with unauthorized read access to certain data.

Remediation

Users are advised to update to JD Edwards EnterpriseOne Tools version 9.2.9.2 or later.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
5.0
exploitability
6.0
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.