Oracle JD Edwards EnterpriseOne Tools contains a flaw related to the Enterprise Infrastructure SEC (JDENET) sub-component that is triggered during the handling of a specially crafted packet. This may allow a remote authenticated attacker to gain access to arbitrary files.
Remote / Network Access
Loss of Confidentiality
Patch / RCS
Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.