CVE-2018-2944

Name of the Vulnerable Software and Affected Versions JD Edwards EnterpriseOne Tools version 9.2

Description The issue is related to inadequate access control in the Monitoring and Diagnostics component of JD Edwards EnterpriseOne Tools, allowing an unauthenticated attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized access to critical data or complete access to all accessible data in JD Edwards EnterpriseOne Tools.

Recommendations For version 9.2, apply the necessary security patches or updates to fix the access control issue in the Monitoring and Diagnostics component. As a temporary workaround, consider restricting access to the Monitoring and Diagnostics component until a patch is available.