Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via unknown vectors related to Monitoring and Diagnostics.
https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user
http://www.securitytracker.com/id/1034722
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://seclists.org/fulldisclosure/2016/Aug/126
http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html