See Recorded Future’s Threat Intelligence Solutions in Action

See our Threat Intelligence Solutions in Action

Reduce risk and mitigate cyber attacks, no matter your IT & security stack, maturity journey, or industry

Book a free demo

View Solutions to Reduce Risk

See Recorded Future’s Intelligence in Action

Reduce operational risk through timely, precise, and actionable intelligence.

Book a free demo

Intelligence Cloud Overview

View Services & Support Overview

View Research Overview

CVE-2023-22050

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jul 18, 2023

Updated: Jul 27, 2023

Summary

CVE-2023-22050 is a newly identified vulnerability affecting the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards, specifically versions prior to 9.2.7.4. This vulnerability is considered easily exploitable, allowing a low-privileged attacker with network access to compromise the JD Edwards EnterpriseOne Orchestrator via HTTP. Successful exploitation can lead to unauthorized update, insert, or delete access to some data, as well as unauthorized read access to a subset of data. The CVSS Base Score is 5.4, indicating moderate security impacts on both confidentiality and integrity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Oracle Jd Edwards Enterpriseone Orchestrator

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

Back to Vulnerability Database