CVE-2025-21514

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 21, 2025

Summary

CVE-2025-21514 is a vulnerability affecting Oracle JD Edwards EnterpriseOne Tools (Web Runtime SEC) prior to version 9.2.9.0. This easily exploitable issue permits unauthenticated attackers with network access via HTTP to gain unauthorized read access to a subset of the JD Edwards EnterpriseOne Tools data. The impact of this vulnerability is rated as low confidentiality, with a CVSS Base Score of 5.3. Attackers can potentially read sensitive information without requiring authentication credentials. This issue should be addressed promptly to prevent potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Oracle JD Edwards EnterpriseOne Tools

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners