The Onapsis Research Lab delivers regular SAP and Oracle vulnerability research to our eco-system of customers, partners and the information security industry

Onapsis security advisories enable customers to better understand the security and business implications of discovered SAP and Oracle security issues. This enables organizations to prioritize patches, updates and their remediation strategies to ensure continuity of the business. Onapsis security advisories, together with vendor patches and security notes, are available for download to provide vendors and end-users with the necessary information to mitigate advanced threats to mission-critical applications running on SAP and Oracle.

Oracle
Medium
07/28/2016

By exploiting this vulnerability, an unauthenticated attacker could shut down the Server Manager.

Oracle
Medium
07/28/2016

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.

Oracle
Critical
07/28/2016

By exploiting this vulnerability, an unauthenticated attacker could achieve administrative rights and would be able to potentially compromise all information stored and processed on the JDE System.

Oracle
Critical
07/28/2016

By exploiting this vulnerability, an unauthenticated attacker could retrieve the administration user and passwords from the Server Manager. This could lead to a potential compromise of the entire JDE landscape hence all of its information and processes.

Oracle
Medium
07/28/2016

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.

07/28/2016

By exploiting this vulnerability, an unauthenticated attacker could remotely shutdown the entire JD Edwards infrastructure.

Oracle
Medium
07/28/2016

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.

SAP
Critical
07/20/2016

By exploiting this vulnerability, an unauthenticated attacker could access and modify any information indexed by the SAP system.

SAP
High
07/20/2016

By exploiting this vulnerability an unauthenticated attacker could modify any information indexed by the SAP system.

SAP
Medium
07/20/2016

By exploiting this vulnerability, a remote unauthenticated attacker could obtain valid usernames that could be used to support more complex attacks.

Pages