Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-5645 (GCVE-0-2017-5645)
Vulnerability from cvelistv5 – Published: 2017-04-17 21:00 – Updated: 2024-08-05 15:11
VLAI
EPSS
Summary
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Severity
No CVSS data available.
CWE
- Remote Code Execution.
Assigner
References
82 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Log4j |
Affected:
All versions between 2.0-alpha1 and 2.8.1
|
Date Public
2017-04-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:47.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:2888",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"name": "RHSA-2017:2809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "97702",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97702"
},
{
"name": "1041294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "RHSA-2017:2810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "RHSA-2017:1801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1801"
},
{
"name": "RHSA-2017:2889",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"name": "RHSA-2017:2635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2635"
},
{
"name": "RHSA-2017:2638",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"name": "RHSA-2017:1417",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1417"
},
{
"name": "RHSA-2017:2423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2423"
},
{
"name": "RHSA-2017:2808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "1040200",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040200"
},
{
"name": "RHSA-2017:2636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"name": "RHSA-2017:3399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3399"
},
{
"name": "RHSA-2017:2637",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"name": "RHSA-2017:3244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"name": "RHSA-2017:3400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3400"
},
{
"name": "RHSA-2017:2633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"name": "RHSA-2017:2811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name": "RHSA-2017:1802",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1802"
},
{
"name": "RHSA-2019:1545",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"
},
{
"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"
},
{
"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Log4j",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "All versions between 2.0-alpha1 and 2.8.1"
}
]
}
],
"datePublic": "2017-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-07T14:40:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "RHSA-2017:2888",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"name": "RHSA-2017:2809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "97702",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97702"
},
{
"name": "1041294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "RHSA-2017:2810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "RHSA-2017:1801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1801"
},
{
"name": "RHSA-2017:2889",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"name": "RHSA-2017:2635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2635"
},
{
"name": "RHSA-2017:2638",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"name": "RHSA-2017:1417",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1417"
},
{
"name": "RHSA-2017:2423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2423"
},
{
"name": "RHSA-2017:2808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "1040200",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040200"
},
{
"name": "RHSA-2017:2636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"name": "RHSA-2017:3399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3399"
},
{
"name": "RHSA-2017:2637",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"name": "RHSA-2017:3244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"name": "RHSA-2017:3400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3400"
},
{
"name": "RHSA-2017:2633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"name": "RHSA-2017:2811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name": "RHSA-2017:1802",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1802"
},
{
"name": "RHSA-2019:1545",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"
},
{
"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"
},
{
"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"
},
{
"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-5645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Log4j",
"version": {
"version_data": [
{
"version_value": "All versions between 2.0-alpha1 and 2.8.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2888",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2888"
},
{
"name": "RHSA-2017:2809",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "97702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97702"
},
{
"name": "1041294",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "RHSA-2017:2810",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "RHSA-2017:1801",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1801"
},
{
"name": "RHSA-2017:2889",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2889"
},
{
"name": "RHSA-2017:2635",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2635"
},
{
"name": "RHSA-2017:2638",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2638"
},
{
"name": "RHSA-2017:1417",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1417"
},
{
"name": "RHSA-2017:2423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2423"
},
{
"name": "RHSA-2017:2808",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "1040200",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040200"
},
{
"name": "RHSA-2017:2636",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2636"
},
{
"name": "RHSA-2017:3399",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3399"
},
{
"name": "RHSA-2017:2637",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2637"
},
{
"name": "RHSA-2017:3244",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3244"
},
{
"name": "RHSA-2017:3400",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3400"
},
{
"name": "RHSA-2017:2633",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"name": "RHSA-2017:2811",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name": "RHSA-2017:1802",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1802"
},
{
"name": "RHSA-2019:1545",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"
},
{
"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc@%3Cdev.logging.apache.org%3E"
},
{
"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125@%3Cdev.logging.apache.org%3E"
},
{
"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917@%3Cannounce.apache.org%3E"
},
{
"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3Cdev.logging.apache.org%3E"
},
{
"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3Cdev.tika.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d@%3Ccommits.logging.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181107-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"name": "https://issues.apache.org/jira/browse/LOG4J2-1863",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3Cissues.activemq.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422@%3Ccommits.doris.apache.org%3E"
},
{
"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287@%3Cissues.beam.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f@%3Cgithub.beam.apache.org%3E"
},
{
"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44@%3Cgithub.beam.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-5645",
"datePublished": "2017-04-17T21:00:00.000Z",
"dateReserved": "2017-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:11:47.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-5645",
"date": "2026-05-29",
"epss": "0.94013",
"percentile": "0.99899"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-5645\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-04-17T21:59:00.373\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicaci\u00f3n, puede enviarse una carga binaria especialmente dise\u00f1ada que, cuando se deserializa, puede ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"2.8.2\",\"matchCriteriaId\":\"A364B542-9D74-48AD-9616-8F16107B3F9C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC98B22-FFAA-4B59-8E63-EBAA4336AD13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7081652A-D28B-494E-94EF-CA88117F23EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7A6697-98CC-4E36-93DB-B7160F8399F9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"077732DB-F5F3-4E9C-9AC0-8142AB85B32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B99A2411-7F6A-457F-A7BF-EB13C630F902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041F9200-4C01-4187-AE34-240E8277B54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB48767-F095-444F-9E05-D9AC345AB803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F6FA12B-504C-4DBF-A32E-0548557AA2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F7E11E-FB34-4467-8919-2B6BEAABF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5553591-073B-45E3-999F-21B8BA2EEE22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A125E817-F974-4509-872C-B71933F42AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAA9FFE-8F55-4E81-B62F-A5500468AD30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C41B952C-B6FD-4244-BEEE-A1EB73503594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8972497F-6E24-45A9-9A18-EB0E842CB1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400509A8-D6F2-432C-A2F1-AD5B8778D0D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132CE62A-FBFC-4001-81EC-35D81F73AF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D8D08B8-CE61-45A3-BAC2-6D0E7D567B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C83DA9A0-2EBC-4298-8412-1A7C4DC88C2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC56004-4497-4CDD-AE76-5E3DFAE170F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"274A0CF5-41E8-42E0-9931-F7372A65B9C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66DCCCD9-2170-4675-A447-FB679BC28A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD945A04-174C-46A2-935D-4F92631D1018\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndIncluding\":\"6.2\",\"matchCriteriaId\":\"9D5F8F04-7DFB-4B44-90CF-F1372DB8313C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_messaging_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.0.2\",\"matchCriteriaId\":\"A53B6FD8-8367-4915-B4D0-23572F31C539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_integrity:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.2\",\"versionEndIncluding\":\"7.3.6\",\"matchCriteriaId\":\"ABD748C9-24F6-4739-9772-208B98616EE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15817206-C2AD-47B7-B40F-85BB36DB4E78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6C9F582-6C82-4994-9724-22E9575E48B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49BB6E9C-B630-4BDC-AEC1-7F031F612D6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"373C4024-679F-4C37-B408-0FB0D7FD845F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2\",\"matchCriteriaId\":\"77120A3C-9A48-45FC-A620-5072AF325ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A76F09D-AF43-426B-A04F-79E1CAC51D03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B5E83F-D4FD-4ABB-9B8E-97C0E7571AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D03A8C9-35A5-4B75-9711-7A4A60457307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36CF85A9-2C29-46E7-961E-8ADD0B5822CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E39918-B2D6-43F0-A607-8FD8BFF6F340\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FEB8446-7EAC-4A8D-B6EE-3AAC2294C324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14480702-4398-4C28-82A6-E7329FB3B650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F4E0F9A-D925-43FB-A1B7-452EEAE6BE2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"13.2.2.0.0\",\"matchCriteriaId\":\"C2239009-34CE-4E54-992B-835649C9D96F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41650E24-8BFD-42F0-A3E2-545118602690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5AFC807-4873-42B3-AEDE-8633A9BDDEF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E3D0D69-6AFF-49DD-9BB4-5C0C6905D14E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532955A8-7292-4662-9324-C961587C8657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.3.0.0\",\"versionEndIncluding\":\"7.3.3.0.2\",\"matchCriteriaId\":\"6E3469D7-69E4-4242-B45A-C0CD9E691C4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.7.0.0\",\"matchCriteriaId\":\"1D94C05C-7403-47D3-98D8-2DA8373FEE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.4.0.0\",\"matchCriteriaId\":\"46E31100-478A-480C-9518-A6D8FBB94B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48D8CC72-A67A-4CB0-948D-53488ACC7826\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DECBF5C-6C87-424F-A116-DD534EC5946C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3469C84E-50F3-4461-864C-E59174DDC981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.8.0\",\"matchCriteriaId\":\"2959030B-A9B7-4423-A2E8-9352FC83C4A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"317CA916-61F3-4E24-B42F-610A1C88A5BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E7791EF-A99D-4D52-AFC7-157372E88E21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"265B796B-2DDA-43A6-A3A9-1A79676F25C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.7.0.0\",\"matchCriteriaId\":\"D4279644-04B8-4E58-A38D-CD1E4FB1C39C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43422E17-1D41-497E-A60B-31B1B4D6D563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C146BA-6F4F-4A6F-8E53-8A4F5B8E15D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A34DF8-72CC-4A8E-84F2-C2DF4A0B9FAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BE77B2-6368-470E-B9E6-21664D9A818A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3250073F-325A-4AFC-892F-F2005E3854A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991A279B-9D7C-4E39-8827-BC21C2C03B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D151B58F-5583-4F19-B225-80075B45441B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7D665C9-408A-4039-A2D4-9EE565BC4656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65B765DA-560B-4367-B9B0-B7369BC4D3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CECECC34-8112-4328-BA49-39F30BE7874A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4855252-D6CA-461D-B196-30AFA7482868\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A79A489-F37C-420A-83B1-4482A8DFF9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1489DDA7-EDBE-404C-B48D-F0B52B741708\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8BD581B-1CC0-4236-836A-204BBCBBBF77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16BBC649-7AA8-4B8E-9A3F-CC62948F0102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"289702F6-1CC4-4D88-9745-EB0FA68A732B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.1\",\"versionEndIncluding\":\"17.3\",\"matchCriteriaId\":\"9A74FD5F-4FEA-4A74-8B92-72DFDE6BA464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEE4B2F0-1AAB-4A1F-AE86-A568D43891B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C79B50C2-27C2-4A9C-ACEE-B70015283F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED4F724-C92F-4B4F-B631-81A4EA706DB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900450EB-A71D-4A8E-B8C4-AFD36F9A36B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68017B52-6597-4E32-A38F-634B5635568C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A19D11A6-BA1D-4121-8686-C177C450777F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6321F8-7A0A-4DB8-9889-3527023C652A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25F8E604-8180-4728-AD2D-7FF034E3E65A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02867DC7-E669-43C0-ACC4-E1CAA8B9994C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBAFA631-C92B-4FF7-8E65-07C67789EBCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9652104A-119D-4327-A937-8BED23C23861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A055CAA6-F789-4E63-A212-84DBAC4BF044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7506589-9B3B-49BA-B826-774BFDCC45B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"042C243F-EDFE-4A04-AB0B-26E73CC34837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0.0\",\"versionEndIncluding\":\"3.4.7.4297\",\"matchCriteriaId\":\"48D04F3B-A385-4D8C-BD05-53006452346A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0.0\",\"versionEndIncluding\":\"4.0.4.5235\",\"matchCriteriaId\":\"4424C7C9-508B-4824-91A7-AFA1D8C8C698\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0.0\",\"versionEndIncluding\":\"8.0.0.8131\",\"matchCriteriaId\":\"BFFFF50D-D301-4752-B720-4340C69E2A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B21E71BD-DD38-4634-BF9F-092D55000DE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8B3B57-73D6-4402-987F-8AE723D52F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62BF043E-BCB9-433D-BA09-7357853EE127\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F26FB80-F541-4B59-AC3C-633F49388B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07EB8080-B6DE-47F4-B978-F56AEF7294BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE52320-14DB-4BD5-A1E5-6BBE4829923A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C0B5E4B-BA35-4949-B7EC-70C5F5E44FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"165E98B6-9ADA-46A7-92C0-E3624D6D89C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092C9E61-8A0A-4348-A423-A9312D7D330F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01949739-F799-47FE-9118-617F84903F70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34FAA06A-F092-452A-B35C-BC133834DA59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8A9A0D5-95B9-47BB-8303-03D40DE46678\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F071925B-7B0A-4250-9A25-1221711453FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93CF9B92-309E-4356-B8C1-CB161A712479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CBCA717-6B8B-4CAF-8E9C-57335925CE2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FFEC4A8-E000-4921-8563-5BC3B0DC6C5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDB7DE72-2E0D-427D-AF1E-2BC068D0756B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C64A19B-BC3D-4C84-AE38-75EEAE3B5BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5825956B-B0DD-4083-8E50-B8148F9F438E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691A45D3-A594-4E95-9894-87B9FD6BE833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F36C640-592C-4081-8B97-2432BF7DD1F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C477753B-2716-4266-815B-5BABDDFE1FDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F94F4C7-8E3E-4D0E-A5E7-E8D4E2D21D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBCF09A6-8A57-40F4-9EB3-48F4806B4803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBBE93A9-5628-4176-866E-88DE10B9778D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB71361-D75B-4937-A48E-C2C0064E09FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEB68145-0577-472D-B310-A7BF065ADA9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56961578-6FCB-489C-8431-22F9D263DFFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93EA52BF-E710-4309-9272-8F81D5751ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.2.0\",\"versionEndIncluding\":\"16.2.11\",\"matchCriteriaId\":\"06CF27F6-ADC1-480C-9D2E-2BD1E7330C32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.7\",\"matchCriteriaId\":\"E4AA3854-C9FD-4287-85A0-EE7907D1E1ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A0F1AF-F2E6-44E7-8E2D-190E103B72D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D53690D-3390-4A27-988A-709CD89DD05B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A25285DC-9E51-44F8-818A-86A79B3565DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"517E0654-F1DE-43C4-90B5-FB90CA31734B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE91D517-D85D-4A8D-90DC-4561BBF8670E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202DE5CB-B3D4-4289-9AA2-24E9CE266EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7D07CB-15D2-424D-8E25-7AC59ACFFD05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE02A69E-F820-4261-8D7E-9B1021E5A9AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E306B67-E1BD-4A67-A77D-A7DC72D5B957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB5F56EC-8415-4BA1-9D8A-C77F4BB1AF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"965BCB93-2DED-41FD-972E-FF5958691A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42064F46-3012-4FB1-89BA-F13C2E4CBB6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73E2EFA-0F43-4D92-8C7D-9E66811B76D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07630491-0624-4C5C-A858-C5D3CDCD1B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC9CA11F-F718-43E5-ADB9-6C348C75E37A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FBAAD32-1E9D-47F1-9F47-76FEA47EF54F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24A3C819-5151-4543-A5C6-998C9387C8A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"378A6656-252B-4929-83EA-BC107FDFD357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"363395FA-C296-4B2B-9D6F-BCB8DBE6FACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F62A2144-5EF8-4319-B8C2-D7975F51E5FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBAE649F-0389-4875-A995-E73E287AB342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5EC241-7D11-47F4-8B41-D362651A5E8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FCB6791-EBFA-4620-ABD4-D55CDCF3EA9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4C318C-5D1E-479B-9597-9FAD9E186111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65994DC4-C9C0-48B0-88AB-E2958B4EB9E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4580A7AB-54A9-4784-9087-A3F107258593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70D4467D-6968-4557-AF61-AFD42B2B48D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9EB3DE5-142C-43A5-9735-CB73C54D42E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FD0EC40-B96B-4E9C-9A81-4E65C4B9512E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB1011D4-E5EE-4722-B644-D522EFC6337A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B13B7-68B3-4510-968C-6A730EB46462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93CC705-1F8C-4870-99E6-14BF264C3811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2019/12/19/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97702\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040200\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041294\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1417\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1801\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1802\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2423\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2633\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2635\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2636\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2637\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2638\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2808\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2809\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2810\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2811\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2888\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2889\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3244\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3399\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3400\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1545\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-1863\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181107-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/12/19/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97702\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041294\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1802\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2635\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2809\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2810\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2889\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-1863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181107-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
VAR-201704-1589
Vulnerability from variot - Updated: 2026-03-09 20:56In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. Apache Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Apache Log4j is a Java-based open source logging tool developed by the Apache Software Foundation. A code issue vulnerability exists in Apache Log4j 2.x versions prior to 2.8.2. An attacker could exploit this vulnerability to execute arbitrary code.
Security Fix(es):
-
hawtio-osgi (CVE-2017-5645)
-
prometheus-jmx-exporter: snakeyaml (CVE-2017-18640)
-
apache-commons-compress (CVE-2019-12402)
-
karaf-transaction-manager-narayana: netty (CVE-2019-16869, CVE-2019-20445)
-
tomcat (CVE-2020-1935, CVE-2020-1938, CVE-2020-9484, CVE-2020-13934, CVE-2020-13935, CVE-2020-11996)
-
spring-cloud-config-server (CVE-2020-5410)
-
velocity (CVE-2020-13936)
-
httpclient: apache-httpclient (CVE-2020-13956)
-
shiro-core: shiro (CVE-2020-17510)
-
hibernate-core (CVE-2020-25638)
-
wildfly-openssl (CVE-2020-25644)
-
jetty (CVE-2020-27216, CVE-2021-28165)
-
bouncycastle (CVE-2020-28052)
-
wildfly (CVE-2019-14887, CVE-2020-25640)
-
resteasy-jaxrs: resteasy (CVE-2020-1695)
-
camel-olingo4 (CVE-2020-1925)
-
springframework (CVE-2020-5421)
-
jsf-impl: Mojarra (CVE-2020-6950)
-
resteasy (CVE-2020-10688)
-
hibernate-validator (CVE-2020-10693)
-
wildfly-elytron (CVE-2020-10714)
-
undertow (CVE-2020-10719)
-
activemq (CVE-2020-13920)
-
cxf-core: cxf (CVE-2020-13954)
-
fuse-apicurito-operator-container: golang.org/x/text (CVE-2020-14040)
-
jboss-ejb-client: wildfly (CVE-2020-14297)
-
xercesimpl: wildfly (CVE-2020-14338)
-
xnio (CVE-2020-14340)
-
flink: apache-flink (CVE-2020-17518)
-
resteasy-client (CVE-2020-25633)
-
xstream (CVE-2020-26258)
-
mybatis (CVE-2020-26945)
-
pdfbox (CVE-2021-27807, CVE-2021-27906)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability 1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class 1758619 - CVE-2019-16869 netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers 1764640 - CVE-2019-12402 apache-commons-compress: Infinite loop in name encoding algorithm 1772008 - CVE-2019-14887 wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use 1785376 - CVE-2017-18640 snakeyaml: Billion laughs attack via alias feature 1790309 - CVE-2020-1925 olingo-odata: Server side request forgery in AsyncResponseWrapperImpl 1798509 - CVE-2019-20445 netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header 1805006 - CVE-2020-6950 Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages 1806398 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability 1806835 - CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling 1814974 - CVE-2020-10688 RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack 1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication 1828459 - CVE-2020-10719 undertow: invalid HTTP request with large chunk size 1838332 - CVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE 1845626 - CVE-2020-5410 spring-cloud-config-server: sending a request using a specially crafted URL can lead to a directory traversal attack 1851420 - CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS 1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1857024 - CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS 1857040 - CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS 1860054 - CVE-2020-14338 wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl 1860218 - CVE-2020-14340 xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS 1879042 - CVE-2020-25633 resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling 1880101 - CVE-2020-13920 activemq: improper authentication allows MITM attack 1881158 - CVE-2020-5421 springframework: RFD protection bypass via jsessionid 1881353 - CVE-2020-25638 hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used 1881637 - CVE-2020-25640 wildfly: resource adapter logs plaintext JMS password at warning level on connection error 1885485 - CVE-2020-25644 wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL 1886587 - CVE-2020-13956 apache-httpclient: incorrect handling of malformed authority component in request URIs 1887257 - CVE-2020-26945 mybatis: mishandles deserialization of object streams which could result in remote code execution 1891132 - CVE-2020-27216 jetty: local temporary directory hijacking vulnerability 1898235 - CVE-2020-13954 cxf: XSS via the styleSheetPath 1903727 - CVE-2020-17510 shiro: specially crafted HTTP request may cause an authentication bypass 1908832 - CVE-2020-26258 XStream: Server-Side Forgery Request vulnerability can be activated when unmarshalling 1912881 - CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible 1913312 - CVE-2020-17518 apache-flink: directory traversal attack allows remote file writing through the REST API 1937440 - CVE-2020-13936 velocity: arbitrary code execution when attacker is able to modify templates 1941050 - CVE-2021-27906 pdfbox: OutOfMemory-Exception while loading a crafted PDF file 1941055 - CVE-2021-27807 pdfbox: infinite loop while loading a crafted PDF file 1945714 - CVE-2021-28165 jetty: Resource exhaustion when receiving an invalid large TLS frame
The References section of this erratum contains a download link (you must log in to download the update).
This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. (CVE-2017-5645)
-
A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)
-
It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)
-
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)
-
It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. Bugs fixed (https://bugzilla.redhat.com/):
1410481 - CVE-2017-2582 picketlink, keycloak: SAML request parser replaces special strings with system properties 1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability 1444015 - CVE-2015-6644 bouncycastle: Information disclosure in GCMBlockCipher 1455566 - CVE-2014-9970 jasypt: Vulnerable to timing attack against the password hash comparison 1465573 - CVE-2017-7536 hibernate-validator: Privilege escalation when running under the security manager
- JIRA issues fixed (https://issues.jboss.org/):
JBEAP-11485 - Tracker bug for the EAP 7.0.8 release for RHEL-7
Security Fix(es):
-
bsh2: remote code execution via deserialization (CVE-2016-2510)
-
log4j: Socket receiver deserialization vulnerability (CVE-2017-5645)
-
uima: XML external entity expansion (XXE) can allow attackers to execute arbitrary code (CVE-2017-15691)
-
mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258)
-
thrift: Improper Access Control grants access to files outside the webservers docroot path (CVE-2018-11798)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Installation instructions are available from the Fuse 7.3.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/
- Bugs fixed (https://bugzilla.redhat.com/):
1310647 - CVE-2016-2510 bsh2: remote code execution via deserialization 1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability 1572463 - CVE-2017-15691 uima: XML external entity expansion (XXE) can allow attackers to execute arbitrary code 1640615 - CVE-2018-3258 mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) 1667188 - CVE-2018-11798 thrift: Improper Access Control grants access to files outside the webservers docroot path
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: rh-java-common-log4j security update Advisory ID: RHSA-2017:1417-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2017:1417 Issue date: 2017-06-08 CVE Names: CVE-2017-5645 =====================================================================
- Summary:
An update for rh-java-common-log4j is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch
- Description:
Log4j is a tool to help the programmer output log statements to a variety of output targets. (CVE-2017-5645)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):
Source: rh-java-common-log4j-1.2.17-15.15.el6.src.rpm
noarch: rh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: rh-java-common-log4j-1.2.17-15.15.el6.src.rpm
noarch: rh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):
Source: rh-java-common-log4j-1.2.17-15.15.el6.src.rpm
noarch: rh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-java-common-log4j-1.2.17-15.15.el7.src.rpm
noarch: rh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):
Source: rh-java-common-log4j-1.2.17-15.15.el7.src.rpm
noarch: rh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-java-common-log4j-1.2.17-15.15.el7.src.rpm
noarch: rh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-5645 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZOQMQXlSAg2UNWIIRAgwvAJ9zqVY6yvhkuO8Uqdtyu86+9P1VIgCgtBhf ceYEsokMPo3LCY/99DiysrI= =wZ5c -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2017-5645)
- A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-7525)
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mysql enterprise monitor",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.0.0.0"
},
{
"_id": null,
"model": "financial services hedge management and ifrs valuations",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.5"
},
{
"_id": null,
"model": "financial services regulatory reporting with agilereporter",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.9.2.0"
},
{
"_id": null,
"model": "mysql enterprise monitor",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.4.7.4297"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0"
},
{
"_id": null,
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.1"
},
{
"_id": null,
"model": "bi publisher",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"_id": null,
"model": "financial services loan loss forecasting and provisioning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.5"
},
{
"_id": null,
"model": "communications online mediation controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.1"
},
{
"_id": null,
"model": "service level manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "communications interactive session recorder",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "6.0"
},
{
"_id": null,
"model": "endeca information discovery studio",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.2.0"
},
{
"_id": null,
"model": "enterprise manager for peoplesoft",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2.1.1"
},
{
"_id": null,
"model": "financial services analytical applications infrastructure",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.7.0.0"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.5"
},
{
"_id": null,
"model": "retail integration bus",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.9"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"_id": null,
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0"
},
{
"_id": null,
"model": "oncommand api services",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "mysql enterprise monitor",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.0.4.5235"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.6"
},
{
"_id": null,
"model": "primavera gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12.0"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.4"
},
{
"_id": null,
"model": "mysql enterprise monitor",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.0.0"
},
{
"_id": null,
"model": "financial services behavior detection platform",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.4.0.0"
},
{
"_id": null,
"model": "autovue vuelink integration",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.0.1"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.8"
},
{
"_id": null,
"model": "goldengate application adapters",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.3.2.1.1"
},
{
"_id": null,
"model": "soa suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.2.0.0"
},
{
"_id": null,
"model": "instantis enterprisetrack",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.1"
},
{
"_id": null,
"model": "insurance policy administration",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "enterprise manager for fusion middleware",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.5"
},
{
"_id": null,
"model": "financial services profitability management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.7.0.0"
},
{
"_id": null,
"model": "communications interactive session recorder",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "utilities work and asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.9.1.2.12"
},
{
"_id": null,
"model": "siebel ui framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.8"
},
{
"_id": null,
"model": "communications network integrity",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.3.6"
},
{
"_id": null,
"model": "timesten in-memory database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2.2.8.49"
},
{
"_id": null,
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.10"
},
{
"_id": null,
"model": "jdeveloper",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.0"
},
{
"_id": null,
"model": "retail advanced inventory planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.0"
},
{
"_id": null,
"model": "retail extract transform and load",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.1"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "enterprise manager for fusion middleware",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"_id": null,
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.3.6.0.0"
},
{
"_id": null,
"model": "bi publisher",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"_id": null,
"model": "insurance calculation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.1.1"
},
{
"_id": null,
"model": "financial services hedge management and ifrs valuations",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.4"
},
{
"_id": null,
"model": "retail predictive application server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0.3"
},
{
"_id": null,
"model": "identity manager connector",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.0"
},
{
"_id": null,
"model": "peoplesoft enterprise fin install",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.2"
},
{
"_id": null,
"model": "communications converged application server - service controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.1"
},
{
"_id": null,
"model": "financial services loan loss forecasting and provisioning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.4"
},
{
"_id": null,
"model": "financial services lending and leasing",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "14.1.0"
},
{
"_id": null,
"model": "in-memory performance-driven planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1"
},
{
"_id": null,
"model": "jdeveloper",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.3.0.0"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.4"
},
{
"_id": null,
"model": "retail open commerce platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5.3.0"
},
{
"_id": null,
"model": "utilities advanced spatial and operational analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.7.0.1"
},
{
"_id": null,
"model": "financial services analytical applications infrastructure",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.3.3.0.0"
},
{
"_id": null,
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.3"
},
{
"_id": null,
"model": "flexcube investor servicing",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.3.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"_id": null,
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "autovue vuelink integration",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.0.0"
},
{
"_id": null,
"model": "fuse",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"_id": null,
"model": "tape library acsls",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "fusion middleware mapviewer",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3"
},
{
"_id": null,
"model": "retail extract transform and load",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2"
},
{
"_id": null,
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.8.2"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.0"
},
{
"_id": null,
"model": "mysql enterprise monitor",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.4.0.0"
},
{
"_id": null,
"model": "retail integration bus",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "enterprise manager for oracle database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2.2"
},
{
"_id": null,
"model": "retail advanced inventory planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0"
},
{
"_id": null,
"model": "banking platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.6.2"
},
{
"_id": null,
"model": "configuration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.2.0.2"
},
{
"_id": null,
"model": "retail extract transform and load",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.0"
},
{
"_id": null,
"model": "financial services lending and leasing",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "14.8.0"
},
{
"_id": null,
"model": "retail integration bus",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.0.0"
},
{
"_id": null,
"model": "insurance policy administration",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "banking platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.6.0"
},
{
"_id": null,
"model": "rapid planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "retail clearance optimization engine",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.0.5"
},
{
"_id": null,
"model": "goldengate",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.3.2.1.1"
},
{
"_id": null,
"model": "communications messaging server",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.2"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "retail service backbone",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0"
},
{
"_id": null,
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.5"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "communications pricing design center",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0"
},
{
"_id": null,
"model": "enterprise manager for peoplesoft",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.1.1.1"
},
{
"_id": null,
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.3.0.0"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"_id": null,
"model": "enterprise data quality",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"_id": null,
"model": "flexcube investor servicing",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.0.0"
},
{
"_id": null,
"model": "primavera gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "16.2.0"
},
{
"_id": null,
"model": "in-memory performance-driven planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.9"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.3"
},
{
"_id": null,
"model": "insurance policy administration",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0"
},
{
"_id": null,
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2"
},
{
"_id": null,
"model": "financial services behavior detection platform",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.0.0"
},
{
"_id": null,
"model": "communications pricing design center",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "flexcube investor servicing",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.4"
},
{
"_id": null,
"model": "enterprise manager for oracle database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.8"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.1"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.7"
},
{
"_id": null,
"model": "retail open commerce platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.0.1"
},
{
"_id": null,
"model": "oncommand insight",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "configuration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.2.0.5"
},
{
"_id": null,
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.5.0"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.7"
},
{
"_id": null,
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"_id": null,
"model": "bi publisher",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"_id": null,
"model": "application testing suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3.0.1"
},
{
"_id": null,
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "soa suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"_id": null,
"model": "retail service backbone",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.1"
},
{
"_id": null,
"model": "mysql enterprise monitor",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.8131"
},
{
"_id": null,
"model": "banking platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.6.1"
},
{
"_id": null,
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"_id": null,
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "4.0.1.0"
},
{
"_id": null,
"model": "snapcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "rapid planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2"
},
{
"_id": null,
"model": "financial services profitability management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.0.0"
},
{
"_id": null,
"model": "identity management suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.2.3.0"
},
{
"_id": null,
"model": "primavera gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "16.2.11"
},
{
"_id": null,
"model": "retail open commerce platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.0.0"
},
{
"_id": null,
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.1.1.0.0"
},
{
"_id": null,
"model": "insurance calculation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2.1"
},
{
"_id": null,
"model": "flexcube investor servicing",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.4.0"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"_id": null,
"model": "jdeveloper",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"_id": null,
"model": "enterprise manager for mysql database",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2.2.0.0"
},
{
"_id": null,
"model": "identity management suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"_id": null,
"model": "instantis enterprisetrack",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.3"
},
{
"_id": null,
"model": "communications webrtc session controller",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "7.2"
},
{
"_id": null,
"model": "fusion middleware mapviewer",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.2"
},
{
"_id": null,
"model": "identity analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.5.8"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "insurance policy administration",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.1"
},
{
"_id": null,
"model": "soa suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.3.0.0"
},
{
"_id": null,
"model": "siebel ui framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.7"
},
{
"_id": null,
"model": "communications network integrity",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.3.2"
},
{
"_id": null,
"model": "financial services profitability management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.1.1"
},
{
"_id": null,
"model": "bi publisher",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1"
},
{
"_id": null,
"model": "communications instant messaging server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0.1.3.0"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.5"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.7"
},
{
"_id": null,
"model": "retail extract transform and load",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.0"
},
{
"_id": null,
"model": "policy automation for mobile devices",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.7"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.6"
},
{
"_id": null,
"model": "primavera gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12.7"
},
{
"_id": null,
"model": "retail service backbone",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0"
},
{
"_id": null,
"model": "siebel ui framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.9"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.8"
},
{
"_id": null,
"model": "communications service broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.0"
},
{
"_id": null,
"model": "flexcube investor servicing",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0"
},
{
"_id": null,
"model": "financial services analytical applications infrastructure",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.0.0"
},
{
"_id": null,
"model": "retail integration bus",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.1.0"
},
{
"_id": null,
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "financial services analytical applications infrastructure",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.3.3.0.2"
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "policy automation connector for siebel",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.6"
},
{
"_id": null,
"model": "storage automation store",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "policy automation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.10"
},
{
"_id": null,
"model": "financial services behavior detection platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.1.1"
},
{
"_id": null,
"model": "log4j",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.8.2"
},
{
"_id": null,
"model": "log4j",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.x"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
},
{
"db": "NVD",
"id": "CVE-2017-5645"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:log4j",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163798"
},
{
"db": "PACKETSTORM",
"id": "144347"
},
{
"db": "PACKETSTORM",
"id": "144358"
},
{
"db": "PACKETSTORM",
"id": "153344"
},
{
"db": "PACKETSTORM",
"id": "144360"
},
{
"db": "PACKETSTORM",
"id": "144013"
},
{
"db": "PACKETSTORM",
"id": "142856"
},
{
"db": "PACKETSTORM",
"id": "144018"
}
],
"trust": 0.8
},
"cve": "CVE-2017-5645",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5645",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-113848",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5645",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5645",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5645",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-5645",
"trust": 0.8,
"value": "Critical"
},
{
"author": "VULHUB",
"id": "VHN-113848",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-5645",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113848"
},
{
"db": "VULMON",
"id": "CVE-2017-5645"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
},
{
"db": "NVD",
"id": "CVE-2017-5645"
}
]
},
"description": {
"_id": null,
"data": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. Apache Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Apache Log4j is a Java-based open source logging tool developed by the Apache Software Foundation. A code issue vulnerability exists in Apache Log4j 2.x versions prior to 2.8.2. An attacker could exploit this vulnerability to execute arbitrary code. \n\nSecurity Fix(es):\n\n* hawtio-osgi (CVE-2017-5645)\n\n* prometheus-jmx-exporter: snakeyaml (CVE-2017-18640)\n\n* apache-commons-compress (CVE-2019-12402)\n\n* karaf-transaction-manager-narayana: netty (CVE-2019-16869,\nCVE-2019-20445)\n\n* tomcat (CVE-2020-1935, CVE-2020-1938, CVE-2020-9484, CVE-2020-13934,\nCVE-2020-13935, CVE-2020-11996)\n\n* spring-cloud-config-server (CVE-2020-5410)\n\n* velocity (CVE-2020-13936)\n\n* httpclient: apache-httpclient (CVE-2020-13956)\n\n* shiro-core: shiro (CVE-2020-17510)\n\n* hibernate-core (CVE-2020-25638)\n\n* wildfly-openssl (CVE-2020-25644)\n\n* jetty (CVE-2020-27216, CVE-2021-28165)\n\n* bouncycastle (CVE-2020-28052)\n\n* wildfly (CVE-2019-14887, CVE-2020-25640)\n\n* resteasy-jaxrs: resteasy (CVE-2020-1695)\n\n* camel-olingo4 (CVE-2020-1925)\n\n* springframework (CVE-2020-5421)\n\n* jsf-impl: Mojarra (CVE-2020-6950)\n\n* resteasy (CVE-2020-10688)\n\n* hibernate-validator (CVE-2020-10693)\n\n* wildfly-elytron (CVE-2020-10714)\n\n* undertow (CVE-2020-10719)\n\n* activemq (CVE-2020-13920)\n\n* cxf-core: cxf (CVE-2020-13954)\n\n* fuse-apicurito-operator-container: golang.org/x/text (CVE-2020-14040)\n\n* jboss-ejb-client: wildfly (CVE-2020-14297)\n\n* xercesimpl: wildfly (CVE-2020-14338)\n\n* xnio (CVE-2020-14340)\n\n* flink: apache-flink (CVE-2020-17518)\n\n* resteasy-client (CVE-2020-25633)\n\n* xstream (CVE-2020-26258)\n\n* mybatis (CVE-2020-26945)\n\n* pdfbox (CVE-2021-27807, CVE-2021-27906)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability\n1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class\n1758619 - CVE-2019-16869 netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers\n1764640 - CVE-2019-12402 apache-commons-compress: Infinite loop in name encoding algorithm\n1772008 - CVE-2019-14887 wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use\n1785376 - CVE-2017-18640 snakeyaml: Billion laughs attack via alias feature\n1790309 - CVE-2020-1925 olingo-odata: Server side request forgery in AsyncResponseWrapperImpl\n1798509 - CVE-2019-20445 netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header\n1805006 - CVE-2020-6950 Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371\n1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages\n1806398 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability\n1806835 - CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling\n1814974 - CVE-2020-10688 RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack\n1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication\n1828459 - CVE-2020-10719 undertow: invalid HTTP request with large chunk size\n1838332 - CVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE\n1845626 - CVE-2020-5410 spring-cloud-config-server: sending a request using a specially crafted URL can lead to a directory traversal attack\n1851420 - CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS\n1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1857024 - CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS\n1857040 - CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS\n1860054 - CVE-2020-14338 wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl\n1860218 - CVE-2020-14340 xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS\n1879042 - CVE-2020-25633 resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client\u0027s WebApplicationException handling\n1880101 - CVE-2020-13920 activemq: improper authentication allows MITM attack\n1881158 - CVE-2020-5421 springframework: RFD protection bypass via jsessionid\n1881353 - CVE-2020-25638 hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used\n1881637 - CVE-2020-25640 wildfly: resource adapter logs plaintext JMS password at warning level on connection error\n1885485 - CVE-2020-25644 wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL\n1886587 - CVE-2020-13956 apache-httpclient: incorrect handling of malformed authority component in request URIs\n1887257 - CVE-2020-26945 mybatis: mishandles deserialization of object streams which could result in remote code execution\n1891132 - CVE-2020-27216 jetty: local temporary directory hijacking vulnerability\n1898235 - CVE-2020-13954 cxf: XSS via the styleSheetPath\n1903727 - CVE-2020-17510 shiro: specially crafted HTTP request may cause an authentication bypass\n1908832 - CVE-2020-26258 XStream: Server-Side Forgery Request vulnerability can be activated when unmarshalling\n1912881 - CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible\n1913312 - CVE-2020-17518 apache-flink: directory traversal attack allows remote file writing through the REST API\n1937440 - CVE-2020-13936 velocity: arbitrary code execution when attacker is able to modify templates\n1941050 - CVE-2021-27906 pdfbox: OutOfMemory-Exception while loading a crafted PDF file\n1941055 - CVE-2021-27807 pdfbox: infinite loop while loading a crafted PDF file\n1945714 - CVE-2021-28165 jetty: Resource exhaustion when receiving an invalid large TLS frame\n\n5. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves\nas a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7,\nand includes bug fixes and enhancements, which are documented in the\nRelease Notes document linked to in the References. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to\nperform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could\nenable a local malicious application to gain access to user\u0027s private\ninformation. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil\nclass of Picketlink replaces special strings for obtaining attribute values\nwith system property. This could allow an attacker to determine values of\nsystem properties at the attacked system by formatting the SAML request ID\nfield to be the chosen system property which could be obtained in the\n\"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager\u0027s reflective permissions,\nwhich allows it to access the private members of the class, are granted to\nHibernate Validator, a potential privilege escalation can occur. By\nallowing the calling code to access those private members without the\npermission an attacker may be able to validate an invalid instance and\naccess the private member value via ConstraintViolation#getInvalidValue(). Solution:\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications. Bugs fixed (https://bugzilla.redhat.com/):\n\n1410481 - CVE-2017-2582 picketlink, keycloak: SAML request parser replaces special strings with system properties\n1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability\n1444015 - CVE-2015-6644 bouncycastle: Information disclosure in GCMBlockCipher\n1455566 - CVE-2014-9970 jasypt: Vulnerable to timing attack against the password hash comparison\n1465573 - CVE-2017-7536 hibernate-validator: Privilege escalation when running under the security manager\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-11485 - Tracker bug for the EAP 7.0.8 release for RHEL-7\n\n7. \n\nSecurity Fix(es):\n\n* bsh2: remote code execution via deserialization (CVE-2016-2510)\n\n* log4j: Socket receiver deserialization vulnerability (CVE-2017-5645)\n\n* uima: XML external entity expansion (XXE) can allow attackers to execute\narbitrary code (CVE-2017-15691)\n\n* mysql-connector-java: Connector/J unspecified vulnerability (CPU October\n2018) (CVE-2018-3258)\n\n* thrift: Improper Access Control grants access to files outside the\nwebservers docroot path (CVE-2018-11798)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nInstallation instructions are available from the Fuse 7.3.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1310647 - CVE-2016-2510 bsh2: remote code execution via deserialization\n1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability\n1572463 - CVE-2017-15691 uima: XML external entity expansion (XXE) can allow attackers to execute arbitrary code\n1640615 - CVE-2018-3258 mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018)\n1667188 - CVE-2018-11798 thrift: Improper Access Control grants access to files outside the webservers docroot path\n\n5. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: rh-java-common-log4j security update\nAdvisory ID: RHSA-2017:1417-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:1417\nIssue date: 2017-06-08\nCVE Names: CVE-2017-5645 \n=====================================================================\n\n1. Summary:\n\nAn update for rh-java-common-log4j is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch\n\n3. Description:\n\nLog4j is a tool to help the programmer output log statements to a variety\nof output targets. (CVE-2017-5645)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el6.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el6.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el6.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el7.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el7.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el7.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-5645\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZOQMQXlSAg2UNWIIRAgwvAJ9zqVY6yvhkuO8Uqdtyu86+9P1VIgCgtBhf\nceYEsokMPo3LCY/99DiysrI=\n=wZ5c\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s\nDefaultServlet implementation. A crafted HTTP request could cause undesired\nside effects, possibly including the removal or replacement of the custom\nerror page. \n(CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5645"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
},
{
"db": "VULHUB",
"id": "VHN-113848"
},
{
"db": "VULMON",
"id": "CVE-2017-5645"
},
{
"db": "PACKETSTORM",
"id": "163798"
},
{
"db": "PACKETSTORM",
"id": "144347"
},
{
"db": "PACKETSTORM",
"id": "144358"
},
{
"db": "PACKETSTORM",
"id": "153344"
},
{
"db": "PACKETSTORM",
"id": "144360"
},
{
"db": "PACKETSTORM",
"id": "144013"
},
{
"db": "PACKETSTORM",
"id": "142856"
},
{
"db": "PACKETSTORM",
"id": "144018"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5645",
"trust": 2.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/12/19/2",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1041294",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040200",
"trust": 1.1
},
{
"db": "BID",
"id": "97702",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "144018",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "144013",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "142856",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143500",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144014",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143670",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144597",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144596",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143499",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144019",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145262",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201704-852",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92965",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113848",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-5645",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163798",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144347",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144358",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153344",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144360",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113848"
},
{
"db": "VULMON",
"id": "CVE-2017-5645"
},
{
"db": "PACKETSTORM",
"id": "163798"
},
{
"db": "PACKETSTORM",
"id": "144347"
},
{
"db": "PACKETSTORM",
"id": "144358"
},
{
"db": "PACKETSTORM",
"id": "153344"
},
{
"db": "PACKETSTORM",
"id": "144360"
},
{
"db": "PACKETSTORM",
"id": "144013"
},
{
"db": "PACKETSTORM",
"id": "142856"
},
{
"db": "PACKETSTORM",
"id": "144018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
},
{
"db": "NVD",
"id": "CVE-2017-5645"
}
]
},
"id": "VAR-201704-1589",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-113848"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T20:56:50.077000Z",
"patch": {
"_id": null,
"data": [
{
"title": "LOG4J2-1863",
"trust": 0.8,
"url": "https://issues.apache.org/jira/browse/LOG4J2-1863"
},
{
"title": "Red Hat: Important: Red Hat JBoss BRMS 6.4.6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172888 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss BPM Suite 6.4.6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172889 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 5.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20173400 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 5.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20173399 - Security Advisory"
},
{
"title": "Red Hat: Important: rh-java-common-log4j security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171417 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Data Grid 7.1.1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20173244 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: apache-log4j2: CVE-2017-5645: socket receiver deserialization vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=3fdfc30e441b98eacc4cae3c3c8416ea"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172810 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Web Server Service Pack 1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171802 - Security Advisory"
},
{
"title": "Red Hat: Important: eap7-jboss-ec2-eap security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172811 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172808 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat Fuse 7.3.1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191545 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172809 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171801 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: apache-log4j1.2: CVE-2019-17571",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=9b1a2b3bcff03a4370bb153cc1e9d89e"
},
{
"title": "Red Hat: CVE-2017-5645",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-5645"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1562",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2022-1562"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=f655264a6935505d167bbf45f409a57b"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=81c63752a6f26433af2128b2e8c02385"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=549dc795290b298746065b62b4bb7928"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Log4J-RCE-Implementation",
"trust": 0.1,
"url": "https://github.com/Marcelektro/Log4J-RCE-Implementation "
},
{
"title": "CVE-2017-5645",
"trust": 0.1,
"url": "https://github.com/pimps/CVE-2017-5645 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/spmonkey/spassassin "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-5645"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-502",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113848"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
},
{
"db": "NVD",
"id": "CVE-2017-5645"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5645"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:1417"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2633"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2637"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2808"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2809"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2810"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1545"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/97702"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"trust": 1.1,
"url": "https://issues.apache.org/jira/browse/log4j2-1863"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:1801"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:1802"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2423"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2635"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2636"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2638"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2811"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2888"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2889"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:3244"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:3399"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:3400"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040200"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1041294"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3cdev.logging.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3cissues.beam.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3cgithub.beam.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3cdev.logging.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3cgithub.beam.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3cgithub.beam.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3cdev.logging.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3cissues.bookkeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3cissues.geode.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3ccommits.druid.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3ccommits.logging.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3ccommits.doris.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3cannounce.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3cdev.tika.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3cissues.activemq.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3cgithub.beam.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3cgithub.beam.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2017-5645"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5645"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9970"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6644"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2582"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-6644"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-7536"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2014-9970"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7536"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-2582"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-5664"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5664"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-7525"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7525"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3cissues.activemq.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917@%3cannounce.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd@%3cgithub.beam.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f@%3cgithub.beam.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8@%3cgithub.beam.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83@%3cgithub.beam.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44@%3cgithub.beam.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287@%3cissues.beam.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3cissues.bookkeeper.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422@%3ccommits.doris.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3ccommits.druid.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3cissues.geode.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d@%3ccommits.logging.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc@%3cdev.logging.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125@%3cdev.logging.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3cdev.logging.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3cdev.tika.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13936"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-6950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-17510"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13956"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14338"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13920"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13954"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-18640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13920"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-5410"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13934"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10688"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13934"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13935"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28165"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9484"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14338"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10693"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10714"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12402"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12402"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13954"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25638"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14340"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.9.0"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14297"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-17510"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13956"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27807"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16869"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14340"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25633"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16869"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26945"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1935"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13936"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-17518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27906"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-5421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1938"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1938"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10719"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28052"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10693"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-17518"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10688"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10714"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=7.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2510"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-3258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15691"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.3.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-11798"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11798"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2510"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15691"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113848"
},
{
"db": "PACKETSTORM",
"id": "163798"
},
{
"db": "PACKETSTORM",
"id": "144347"
},
{
"db": "PACKETSTORM",
"id": "144358"
},
{
"db": "PACKETSTORM",
"id": "153344"
},
{
"db": "PACKETSTORM",
"id": "144360"
},
{
"db": "PACKETSTORM",
"id": "144013"
},
{
"db": "PACKETSTORM",
"id": "142856"
},
{
"db": "PACKETSTORM",
"id": "144018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
},
{
"db": "NVD",
"id": "CVE-2017-5645"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-113848",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-5645",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163798",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144347",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144358",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153344",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144360",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144013",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "142856",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144018",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003152",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5645",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-113848",
"ident": null
},
{
"date": "2017-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5645",
"ident": null
},
{
"date": "2021-08-12T15:42:56",
"db": "PACKETSTORM",
"id": "163798",
"ident": null
},
{
"date": "2017-09-26T03:56:00",
"db": "PACKETSTORM",
"id": "144347",
"ident": null
},
{
"date": "2017-09-27T06:16:07",
"db": "PACKETSTORM",
"id": "144358",
"ident": null
},
{
"date": "2019-06-19T17:19:04",
"db": "PACKETSTORM",
"id": "153344",
"ident": null
},
{
"date": "2017-09-27T06:16:28",
"db": "PACKETSTORM",
"id": "144360",
"ident": null
},
{
"date": "2017-09-05T23:23:00",
"db": "PACKETSTORM",
"id": "144013",
"ident": null
},
{
"date": "2017-06-08T14:39:46",
"db": "PACKETSTORM",
"id": "142856",
"ident": null
},
{
"date": "2017-09-06T04:16:37",
"db": "PACKETSTORM",
"id": "144018",
"ident": null
},
{
"date": "2017-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003152",
"ident": null
},
{
"date": "2017-04-17T21:59:00.373000",
"db": "NVD",
"id": "CVE-2017-5645",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-113848",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5645",
"ident": null
},
{
"date": "2017-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003152",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5645",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "163798"
},
{
"db": "PACKETSTORM",
"id": "144347"
},
{
"db": "PACKETSTORM",
"id": "144358"
},
{
"db": "PACKETSTORM",
"id": "144360"
},
{
"db": "PACKETSTORM",
"id": "144013"
},
{
"db": "PACKETSTORM",
"id": "142856"
},
{
"db": "PACKETSTORM",
"id": "144018"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Apache Log4j Vulnerable to unreliable data deserialization",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003152"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "144347"
},
{
"db": "PACKETSTORM",
"id": "144358"
},
{
"db": "PACKETSTORM",
"id": "144360"
},
{
"db": "PACKETSTORM",
"id": "144013"
},
{
"db": "PACKETSTORM",
"id": "142856"
},
{
"db": "PACKETSTORM",
"id": "144018"
}
],
"trust": 0.6
}
}
WID-SEC-W-2024-2008
Vulnerability from csaf_certbund - Published: 2018-01-16 23:00 - Updated: 2024-09-02 22:00Summary
Oracle Virtualization: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Secure Global Desktop bietet einen sicheren Zugang zu zentralisierten, serverbasierten Windows, UNIX und "leagacy" Applikationen von verschiedenen Client-Geräten.
Oracle VM Virtual Box ist eine Virtualisierungsplattform, die das Host Betriebssystem beinhaltet.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box ausnutzen, um die Verfügbarkeit, Vertraulichkeit und Integrität zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Secure Global Desktop 5.3
Oracle / Secure Global Desktop
|
cpe:/a:oracle:secure_global_desktop:5.3
|
5.3 | |
|
Oracle VM Virtual Box <5.2.6
Oracle / VM Virtual Box
|
<5.2.6 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle VM Virtual Box <5.1.32
Oracle / VM Virtual Box
|
<5.1.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
References
10 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Secure Global Desktop bietet einen sicheren Zugang zu zentralisierten, serverbasierten Windows, UNIX und \"leagacy\" Applikationen von verschiedenen Client-Ger\u00e4ten.\r\nOracle VM Virtual Box ist eine Virtualisierungsplattform, die das Host Betriebssystem beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box ausnutzen, um die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2008 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2024-2008.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2008 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2008"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - Januar 2018 - Virtualization vom 2018-01-16",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixOVIR"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20180117-0002 vom 2018-01-18",
"url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-0093 vom 2018-01-18",
"url": "http://linux.oracle.com/errata/ELSA-2018-0093.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4012 vom 2018-01-19",
"url": "http://linux.oracle.com/errata/ELSA-2018-4012.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1196 vom 2018-04-24",
"url": "https://access.redhat.com/errata/RHSA-2018:1196"
},
{
"category": "external",
"summary": "Oracle VM Server f\u00fcr x86 Bulletin - Juli 2019",
"url": "https://www.oracle.com/technetwork/topics/security/ovmbulletinjul2019-5600406.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12605 vom 2024-09-02",
"url": "https://linux.oracle.com/errata/ELSA-2024-12605.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12604 vom 2024-09-02",
"url": "https://linux.oracle.com/errata/ELSA-2024-12604.html"
}
],
"source_lang": "en-US",
"title": "Oracle Virtualization: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-09-02T22:00:00.000+00:00",
"generator": {
"date": "2024-09-03T08:16:47.014+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-2008",
"initial_release_date": "2018-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2018-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-01-16T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-01-17T23:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2018-01-21T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-02-11T23:00:00.000+00:00",
"number": "5",
"summary": "Added references"
},
{
"date": "2018-06-05T22:00:00.000+00:00",
"number": "6",
"summary": "Added references"
},
{
"date": "2024-09-02T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "5.3",
"product": {
"name": "Oracle Secure Global Desktop 5.3",
"product_id": "T011009",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:secure_global_desktop:5.3"
}
}
}
],
"category": "product_name",
"name": "Secure Global Desktop"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.1.32",
"product": {
"name": "Oracle VM Virtual Box \u003c5.1.32",
"product_id": "T011675"
}
},
{
"category": "product_version",
"name": "5.1.32",
"product": {
"name": "Oracle VM Virtual Box 5.1.32",
"product_id": "T011675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm_virtualbox:5.1.32"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.2.6",
"product": {
"name": "Oracle VM Virtual Box \u003c5.2.6",
"product_id": "T011676"
}
},
{
"category": "product_version",
"name": "5.2.6",
"product": {
"name": "Oracle VM Virtual Box 5.2.6",
"product_id": "T011676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm_virtualbox:5.2.6"
}
}
}
],
"category": "product_name",
"name": "VM Virtual Box"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3735",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2017-3736",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2017-3736"
},
{
"cve": "CVE-2017-5645",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2017-5645"
},
{
"cve": "CVE-2017-5715",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2018-2676",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2676"
},
{
"cve": "CVE-2018-2685",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2685"
},
{
"cve": "CVE-2018-2686",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2686"
},
{
"cve": "CVE-2018-2687",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2687"
},
{
"cve": "CVE-2018-2688",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2688"
},
{
"cve": "CVE-2018-2689",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2689"
},
{
"cve": "CVE-2018-2690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2690"
},
{
"cve": "CVE-2018-2693",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2693"
},
{
"cve": "CVE-2018-2694",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2694"
},
{
"cve": "CVE-2018-2698",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Oracle Secure Global Desktop und Oracle VM Virtual Box. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T011009",
"T011676",
"67646",
"T011675",
"T004914"
]
},
"release_date": "2018-01-16T23:00:00.000+00:00",
"title": "CVE-2018-2698"
}
]
}
WID-SEC-W-2024-2181
Vulnerability from csaf_certbund - Published: 2020-07-14 22:00 - Updated: 2024-09-18 22:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Verfügbarkeit, Vertraulichkeit und Integrität zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2181 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-2181.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2181 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2181"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2020 vom 2020-07-14",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixFMW"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2024-09-18",
"url": "https://www.cisa.gov/news-events/alerts/2024/09/18/cisa-adds-five-known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-09-18T22:00:00.000+00:00",
"generator": {
"date": "2024-09-19T08:07:01.724+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-2181",
"initial_release_date": "2020-07-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2020-07-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-09-18T22:00:00.000+00:00",
"number": "2",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Fusion Middleware",
"product": {
"name": "Oracle Fusion Middleware",
"product_id": "T006198",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5645",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2017-5645"
},
{
"cve": "CVE-2018-11058",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2018-11058"
},
{
"cve": "CVE-2018-6616",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2018-6616"
},
{
"cve": "CVE-2018-8032",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2018-8032"
},
{
"cve": "CVE-2019-0227",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-0227"
},
{
"cve": "CVE-2019-12415",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-12415"
},
{
"cve": "CVE-2019-12973",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-12973"
},
{
"cve": "CVE-2019-14862",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-14862"
},
{
"cve": "CVE-2019-16943",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-16943"
},
{
"cve": "CVE-2019-17267",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-17267"
},
{
"cve": "CVE-2019-17359",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-17359"
},
{
"cve": "CVE-2019-17531",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-17531"
},
{
"cve": "CVE-2019-17571",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-17571"
},
{
"cve": "CVE-2019-20330",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2019-20330"
},
{
"cve": "CVE-2020-10650",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-10650"
},
{
"cve": "CVE-2020-10672",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-10672"
},
{
"cve": "CVE-2020-10673",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-10673"
},
{
"cve": "CVE-2020-10968",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-10968"
},
{
"cve": "CVE-2020-10969",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-10969"
},
{
"cve": "CVE-2020-11111",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-11111"
},
{
"cve": "CVE-2020-11112",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-11112"
},
{
"cve": "CVE-2020-11113",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-11113"
},
{
"cve": "CVE-2020-11619",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-11619"
},
{
"cve": "CVE-2020-11620",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-11620"
},
{
"cve": "CVE-2020-14530",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14530"
},
{
"cve": "CVE-2020-14548",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14548"
},
{
"cve": "CVE-2020-14552",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14552"
},
{
"cve": "CVE-2020-14557",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14557"
},
{
"cve": "CVE-2020-14565",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14565"
},
{
"cve": "CVE-2020-14570",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14570"
},
{
"cve": "CVE-2020-14571",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14571"
},
{
"cve": "CVE-2020-14572",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14572"
},
{
"cve": "CVE-2020-14584",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14584"
},
{
"cve": "CVE-2020-14585",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14585"
},
{
"cve": "CVE-2020-14588",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14588"
},
{
"cve": "CVE-2020-14589",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14589"
},
{
"cve": "CVE-2020-14607",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14607"
},
{
"cve": "CVE-2020-14608",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14608"
},
{
"cve": "CVE-2020-14609",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14609"
},
{
"cve": "CVE-2020-14611",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14611"
},
{
"cve": "CVE-2020-14613",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14613"
},
{
"cve": "CVE-2020-14622",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14622"
},
{
"cve": "CVE-2020-14625",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14625"
},
{
"cve": "CVE-2020-14626",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14626"
},
{
"cve": "CVE-2020-14636",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14636"
},
{
"cve": "CVE-2020-14637",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14637"
},
{
"cve": "CVE-2020-14638",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14638"
},
{
"cve": "CVE-2020-14639",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14639"
},
{
"cve": "CVE-2020-14640",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14640"
},
{
"cve": "CVE-2020-14642",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14642"
},
{
"cve": "CVE-2020-14644",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14644"
},
{
"cve": "CVE-2020-14645",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14645"
},
{
"cve": "CVE-2020-14652",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14652"
},
{
"cve": "CVE-2020-14655",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14655"
},
{
"cve": "CVE-2020-14687",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14687"
},
{
"cve": "CVE-2020-14690",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14690"
},
{
"cve": "CVE-2020-14696",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14696"
},
{
"cve": "CVE-2020-14723",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-14723"
},
{
"cve": "CVE-2020-1941",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-1941"
},
{
"cve": "CVE-2020-1945",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-1945"
},
{
"cve": "CVE-2020-2966",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-2966"
},
{
"cve": "CVE-2020-2967",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-2967"
},
{
"cve": "CVE-2020-5397",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-5397"
},
{
"cve": "CVE-2020-5398",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-5398"
},
{
"cve": "CVE-2020-6851",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-6851"
},
{
"cve": "CVE-2020-8112",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-8112"
},
{
"cve": "CVE-2020-9488",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-9488"
},
{
"cve": "CVE-2020-9546",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-9546"
},
{
"cve": "CVE-2020-9547",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-9547"
},
{
"cve": "CVE-2020-9548",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T006198"
]
},
"release_date": "2020-07-14T22:00:00.000+00:00",
"title": "CVE-2020-9548"
}
]
}
WID-SEC-W-2025-1212
Vulnerability from csaf_certbund - Published: 2019-04-16 22:00 - Updated: 2025-06-02 22:00Summary
Oracle Communications Applications: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Mit der Unified Communications Suite bietet Oracle eine Messaging- und Collaboration-Plattform an.
Oracle Communications Policy Management ist ein Produkt von Oracle und vereint mehrere Bereiche der Kommunikation.
Oracle Communications Unified Inventory Management (UIM) ist eine offene, standardbasierte Anwendung, die eine Bestandsaufnahme von Kommunikationsdiensten und -ressourcen ermöglicht.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um dadurch die Integrität, Vertraulichkeit und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Mit der Unified Communications Suite bietet Oracle eine Messaging- und Collaboration-Plattform an.\r\nOracle Communications Policy Management ist ein Produkt von Oracle und vereint mehrere Bereiche der Kommunikation.\r\nOracle Communications Unified Inventory Management (UIM) ist eine offene, standardbasierte Anwendung, die eine Bestandsaufnahme von Kommunikationsdiensten und -ressourcen erm\u00f6glicht.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1212 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2025-1212.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1212 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1212"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2019 vom 2019-04-16",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixCGBU"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4218-1 vom 2019-12-11",
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Oracle Communications Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-02T22:00:00.000+00:00",
"generator": {
"date": "2025-06-03T09:23:36.426+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-1212",
"initial_release_date": "2019-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-04-17T22:00:00.000+00:00",
"number": "2",
"summary": "Schreibfehler korrigiert"
},
{
"date": "2019-12-10T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "10",
"product": {
"name": "Oracle Communications EAGLE LNP Application Processor 10.0",
"product_id": "T014014",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0"
}
}
},
{
"category": "product_version",
"name": "10.1",
"product": {
"name": "Oracle Communications EAGLE LNP Application Processor 10.1",
"product_id": "T014015",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1"
}
}
},
{
"category": "product_version",
"name": "10.2",
"product": {
"name": "Oracle Communications EAGLE LNP Application Processor 10.2",
"product_id": "T014016",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2"
}
}
}
],
"category": "product_name",
"name": "Communications EAGLE LNP Application Processor"
},
{
"branches": [
{
"category": "product_version",
"name": "13.1",
"product": {
"name": "Oracle Communications LSMS 13.1",
"product_id": "T006217",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_lsms:13.1"
}
}
},
{
"category": "product_version",
"name": "13.2",
"product": {
"name": "Oracle Communications LSMS 13.2",
"product_id": "T014017",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_lsms:13.2"
}
}
},
{
"category": "product_version",
"name": "13.3",
"product": {
"name": "Oracle Communications LSMS 13.3",
"product_id": "T014018",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_lsms:13.3"
}
}
}
],
"category": "product_name",
"name": "Communications LSMS"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1",
"product": {
"name": "Oracle Communications Messaging Server 8.1",
"product_id": "T014019",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_messaging_server:8.1"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Oracle Communications Messaging Server 8.0",
"product_id": "T014020",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_messaging_server:8.0"
}
}
}
],
"category": "product_name",
"name": "Communications Messaging Server"
},
{
"branches": [
{
"category": "product_version",
"name": "12.2",
"product": {
"name": "Oracle Communications Policy Management 12.2",
"product_id": "T009732",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.2"
}
}
},
{
"category": "product_version",
"name": "12.1",
"product": {
"name": "Oracle Communications Policy Management 12.1",
"product_id": "T014021",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.1"
}
}
},
{
"category": "product_version",
"name": "12.3",
"product": {
"name": "Oracle Communications Policy Management 12.3",
"product_id": "T014022",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.3"
}
}
},
{
"category": "product_version",
"name": "12.4",
"product": {
"name": "Oracle Communications Policy Management 12.4",
"product_id": "T014023",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.4"
}
}
}
],
"category": "product_name",
"name": "Communications Policy Management"
},
{
"branches": [
{
"category": "product_version",
"name": "6",
"product": {
"name": "Oracle Communications Service Broker 6.0",
"product_id": "329193",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_service_broker:6.0"
}
}
}
],
"category": "product_name",
"name": "Communications Service Broker"
},
{
"branches": [
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "Oracle Communications Session Border Controller 8.2.0",
"product_id": "T014024",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_session_border_controller:8.2.0"
}
}
},
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "Oracle Communications Session Border Controller 8.1.0",
"product_id": "T014025",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_session_border_controller:8.1.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0",
"product": {
"name": "Oracle Communications Session Border Controller 8.0.0",
"product_id": "T014026",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_session_border_controller:8.0.0"
}
}
}
],
"category": "product_name",
"name": "Communications Session Border Controller"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1.0",
"product": {
"name": "Oracle Enterprise Communications Broker 3.1.0",
"product_id": "T014030",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:enterprise_communications_broker:3.1.0"
}
}
},
{
"category": "product_version",
"name": "3.0.0",
"product": {
"name": "Oracle Enterprise Communications Broker 3.0.0",
"product_id": "T014031",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:enterprise_communications_broker:3.0.0"
}
}
}
],
"category": "product_name",
"name": "Enterprise Communications Broker"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.4.0",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.4.0",
"product_id": "T013407",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.4.0"
}
}
},
{
"category": "product_version",
"name": "7.3.5",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.3.5",
"product_id": "T014027",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.5"
}
}
},
{
"category": "product_version",
"name": "7.3.2",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.3.2",
"product_id": "T014028",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.2"
}
}
},
{
"category": "product_version",
"name": "7.3.4",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.3.4",
"product_id": "T014029",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.4"
}
}
}
],
"category": "product_name",
"name": "communications_unified_inventory_management"
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-1000031",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1000031"
},
{
"cve": "CVE-2016-1181",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1181"
},
{
"cve": "CVE-2016-1182",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1182"
},
{
"cve": "CVE-2016-7055",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-7055"
},
{
"cve": "CVE-2016-8735",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-8735"
},
{
"cve": "CVE-2017-0861",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-0861"
},
{
"cve": "CVE-2017-12617",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-12617"
},
{
"cve": "CVE-2017-15265",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-15265"
},
{
"cve": "CVE-2017-3730",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3730"
},
{
"cve": "CVE-2017-3731",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3731"
},
{
"cve": "CVE-2017-3732",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2017-3733",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3733"
},
{
"cve": "CVE-2017-3735",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2017-3736",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3736"
},
{
"cve": "CVE-2017-3738",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3738"
},
{
"cve": "CVE-2017-5645",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5645"
},
{
"cve": "CVE-2017-5664",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5664"
},
{
"cve": "CVE-2017-5753",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2017-5754",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5754"
},
{
"cve": "CVE-2017-7525",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-7525"
},
{
"cve": "CVE-2018-0732",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2018-0733",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0733"
},
{
"cve": "CVE-2018-0734",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0734"
},
{
"cve": "CVE-2018-0737",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0737"
},
{
"cve": "CVE-2018-0739",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0739"
},
{
"cve": "CVE-2018-1000004",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000004"
},
{
"cve": "CVE-2018-1000180",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000180"
},
{
"cve": "CVE-2018-1000613",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000613"
},
{
"cve": "CVE-2018-10901",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-10901"
},
{
"cve": "CVE-2018-11039",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11039"
},
{
"cve": "CVE-2018-11040",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11040"
},
{
"cve": "CVE-2018-11218",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11218"
},
{
"cve": "CVE-2018-11219",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11219"
},
{
"cve": "CVE-2018-11236",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11236"
},
{
"cve": "CVE-2018-11237",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11237"
},
{
"cve": "CVE-2018-11784",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11784"
},
{
"cve": "CVE-2018-12384",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-12384"
},
{
"cve": "CVE-2018-12404",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-12404"
},
{
"cve": "CVE-2018-1257",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1257"
},
{
"cve": "CVE-2018-1258",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1258"
},
{
"cve": "CVE-2018-16864",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-16864"
},
{
"cve": "CVE-2018-16865",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-16865"
},
{
"cve": "CVE-2018-16890",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-16890"
},
{
"cve": "CVE-2018-3620",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3620"
},
{
"cve": "CVE-2018-3646",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3646"
},
{
"cve": "CVE-2018-3693",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3693"
},
{
"cve": "CVE-2018-6485",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-6485"
},
{
"cve": "CVE-2018-7489",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-7489"
},
{
"cve": "CVE-2018-7566",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-7566"
},
{
"cve": "CVE-2019-3822",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-3822"
},
{
"cve": "CVE-2019-3823",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-3823"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…