Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-2048 (GCVE-0-2022-2048)
Vulnerability from cvelistv5 – Published: 2022-07-07 20:35 – Updated: 2024-08-03 00:24
VLAI
EPSS
Summary
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
Severity
7.5 (High)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/eclipse/jetty.project/security… | x_refsource_CONFIRM |
| https://www.debian.org/security/2022/dsa-5198 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2022… | mailing-listx_refsource_MLIST |
| https://security.netapp.com/advisory/ntap-2022090… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2022/09/09/2 | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Eclipse Foundation | Eclipse Jetty |
Affected:
9.4.0 , < unspecified
(custom)
Affected: unspecified , ≤ 9.4.46 (custom) Affected: 10.0.0 , < unspecified (custom) Affected: unspecified , ≤ 10.0.9 (custom) Affected: 11.0.0 , < unspecified (custom) Affected: unspecified , ≤ 11.0.9 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:43.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
},
{
"name": "DSA-5198",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5198"
},
{
"name": "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220901-0006/"
},
{
"name": "[oss-security] 20220909 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Eclipse Jetty",
"vendor": "The Eclipse Foundation",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.4.46",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-410",
"description": "CWE-410",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "CWE-664",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-09T14:06:11.000Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
},
{
"name": "DSA-5198",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5198"
},
{
"name": "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220901-0006/"
},
{
"name": "[oss-security] 20220909 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/09/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2022-2048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse Jetty",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.4.0"
},
{
"version_affected": "\u003c=",
"version_value": "9.4.46"
},
{
"version_affected": "\u003e=",
"version_value": "10.0.0"
},
{
"version_affected": "\u003c=",
"version_value": "10.0.9"
},
{
"version_affected": "\u003e=",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c=",
"version_value": "11.0.9"
}
]
}
}
]
},
"vendor_name": "The Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-410"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-664"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"refsource": "CONFIRM",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
},
{
"name": "DSA-5198",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5198"
},
{
"name": "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220901-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220901-0006/"
},
{
"name": "[oss-security] 20220909 Vulnerability in Jenkins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/09/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2022-2048",
"datePublished": "2022-07-07T20:35:09.000Z",
"dateReserved": "2022-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:43.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-2048",
"date": "2026-05-29",
"epss": "0.00668",
"percentile": "0.7162"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-2048\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2022-07-07T21:15:10.150\",\"lastModified\":\"2024-11-21T07:00:13.980\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.\"},{\"lang\":\"es\",\"value\":\"En la implementaci\u00f3n del servidor Eclipse Jetty HTTP/2, cuando es encontrada una petici\u00f3n HTTP/2 no v\u00e1lida, el manejo de errores presenta un error que puede terminar por no limpiar apropiadamente las conexiones activas y los recursos asociados. Esto puede conllevar a un escenario de denegaci\u00f3n de servicio en el que no queden recursos suficientes para procesar las peticiones buenas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-410\"},{\"lang\":\"en\",\"value\":\"CWE-664\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.47\",\"matchCriteriaId\":\"A055068C-4D71-4DDD-AEFF-E39982FD8DC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.9\",\"matchCriteriaId\":\"DB90B12D-86AF-4A9F-8C44-0213FA056919\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.9\",\"matchCriteriaId\":\"FC65CE45-D006-4A65-81EA-B7D0397DCA2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_plug-in_for_vcenter_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"214712B6-59AF-4B5E-84BF-AF3C74A390EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire_\\\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D452B464-1200-4B72-9A89-42DC58486191\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.263\",\"matchCriteriaId\":\"FB750FC4-A7B8-464B-9CF1-02BAC0A5121B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndExcluding\":\"2.361.1\",\"matchCriteriaId\":\"F1570EF2-F7AD-4D7A-B13C-5F729E218E0F\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2022/09/09/2\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220901-0006/\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5198\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/09/09/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220901-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5198\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2023:0189
Vulnerability from csaf_redhat - Published: 2023-01-17 11:47 - Updated: 2026-03-27 00:56Summary
Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.3.0 serves as a replacement for Red Hat AMQ Streams 2.2.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
* jetty-server: Improper release of ByteBuffers in SslConnections (CVE-2022-2191)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jetty-http: improver hostname input handling (CVE-2022-2047)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Eclipse Jetty. When parsing the authority segment of an HTTP scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This issue can lead to failures in a Proxy scenario.
CWE-20 - Improper Input ValidationAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Jetty-server package. This flaw allows an attacker to send invalid requests, causing a denial of service in the Jetty Server.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.3.0 serves as a replacement for Red Hat AMQ Streams 2.2.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)\n\n* jetty-server: Improper release of ByteBuffers in SslConnections (CVE-2022-2191)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jetty-http: improver hostname input handling (CVE-2022-2047)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0189",
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.3.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.3.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_streams/2.3",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_streams/2.3"
},
{
"category": "external",
"summary": "2116949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116949"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2116953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116953"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0189.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update",
"tracking": {
"current_release_date": "2026-03-27T00:56:02+00:00",
"generator": {
"date": "2026-03-27T00:56:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:0189",
"initial_release_date": "2023-01-17T11:47:38+00:00",
"revision_history": [
{
"date": "2023-01-17T11:47:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-17T11:47:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T00:56:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 2.3.0",
"product": {
"name": "Red Hat AMQ Streams 2.3.0",
"product_id": "Red Hat AMQ Streams 2.3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2047",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Jetty. When parsing the authority segment of an HTTP scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This issue can lead to failures in a Proxy scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-http: improver hostname input handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Satellite jetty was used to build index files to search documentation. Nowadays in Satellite 6.9 and 6.10 jetty dependency is not in use and there is no access to it, so there is no way this vulnerability can be exploitable. Therefore Satellite supported versions are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2047"
},
{
"category": "external",
"summary": "RHBZ#2116949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2047"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jetty-http: improver hostname input handling"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-2191",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jetty-server package. This flaw allows an attacker to send invalid requests, causing a denial of service in the Jetty Server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Improper release of ByteBuffers in SslConnections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Satellite 6.9 we are using 9.4.x or below of jetty-server. Red Hat Satellite 6.10 is not using jetty-server anymore. This flaw only affects versions above 10.0.x or 11.0.x of jetty-server, therefore Red Hat Satellite 6.9 or 6.10 are not impacted by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2191"
},
{
"category": "external",
"summary": "RHBZ#2116953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2191"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Improper release of ByteBuffers in SslConnections"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
RHSA-2023:0777
Vulnerability from csaf_redhat - Published: 2023-02-23 00:01 - Updated: 2026-05-14 22:32Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update
Severity
Critical
Notes
Topic: Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.9.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:0778
Security Fix(es):
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)
* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)
* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)
* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)
* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)
* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
* Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)
* Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
* jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)
* jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)
* jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)
* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Important
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src | — |
Threats
Impact
Moderate
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Important
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
4.3 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src | — |
Threats
Impact
Moderate
A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
8.8 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Critical
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Critical
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Critical
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Critical
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Critical
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Critical
A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.
8.8 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Important
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
5.7 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.
5.4 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Moderate
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.
8.0 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Important
A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.
8.0 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Important
A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.
8.1 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src | — |
Threats
Impact
Important
References
152 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.9.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:0778\n\nSecurity Fix(es):\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)\n\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)\n\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)\n\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n\n* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)\n\n* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)\n\n* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)\n\n* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)\n\n* Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)\n\n* Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)\n\n* jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)\n\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)\n\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)\n\n* jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)\n\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0777",
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html"
},
{
"category": "external",
"summary": "1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "2119653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119653"
},
{
"category": "external",
"summary": "2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0777.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update",
"tracking": {
"current_release_date": "2026-05-14T22:32:57+00:00",
"generator": {
"date": "2026-05-14T22:32:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2023:0777",
"initial_release_date": "2023-02-23T00:01:27+00:00",
"revision_history": [
{
"date": "2023-02-23T00:01:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-23T00:01:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:32:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product_id": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.1.1675668150-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product_id": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.1.1675668150-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch"
},
"product_reference": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
},
"product_reference": "jenkins-0:2.361.1.1675668150-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-30946",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119643"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30946"
},
{
"category": "external",
"summary": "RHBZ#2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2022-30952",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119645"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30952"
},
{
"category": "external",
"summary": "RHBZ#2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30952",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30953",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119646"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30953"
},
{
"category": "external",
"summary": "RHBZ#2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30953"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30954",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119647"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: missing permission checks in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30954"
},
{
"category": "external",
"summary": "RHBZ#2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: missing permission checks in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-34174",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119653"
}
],
"notes": [
{
"category": "description",
"text": "In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Observable timing discrepancy allows determining username validity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34174"
},
{
"category": "external",
"summary": "RHBZ#2119653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34174"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566"
}
],
"release_date": "2022-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Observable timing discrepancy allows determining username validity"
},
{
"cve": "CVE-2022-36882",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36882"
},
{
"category": "external",
"summary": "RHBZ#2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git"
},
{
"cve": "CVE-2022-36883",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119656"
}
],
"notes": [
{
"category": "description",
"text": "A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36883"
},
{
"category": "external",
"summary": "RHBZ#2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36884",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119657"
}
],
"notes": [
{
"category": "description",
"text": "The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36884"
},
{
"category": "external",
"summary": "RHBZ#2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36885",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119658"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Non-constant time webhook signature comparison in GitHub Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36885"
},
{
"category": "external",
"summary": "RHBZ#2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Non-constant time webhook signature comparison in GitHub Plugin"
},
{
"cve": "CVE-2022-43401",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136381"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43401"
},
{
"category": "external",
"summary": "RHBZ#2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43402",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136379"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43402"
},
{
"category": "external",
"summary": "RHBZ#2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin"
},
{
"cve": "CVE-2022-43403",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136382"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43403"
},
{
"category": "external",
"summary": "RHBZ#2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43404",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136383"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43404"
},
{
"category": "external",
"summary": "RHBZ#2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43405",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136374"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43405"
},
{
"category": "external",
"summary": "RHBZ#2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43406",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136370"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43406"
},
{
"category": "external",
"summary": "RHBZ#2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43407",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136386"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43407"
},
{
"category": "external",
"summary": "RHBZ#2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin"
},
{
"cve": "CVE-2022-43408",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136388"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43408"
},
{
"category": "external",
"summary": "RHBZ#2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin"
},
{
"cve": "CVE-2022-43409",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136391"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43409"
},
{
"category": "external",
"summary": "RHBZ#2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45379",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143090"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45379"
},
{
"category": "external",
"summary": "RHBZ#2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions"
},
{
"cve": "CVE-2022-45380",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143086"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45380"
},
{
"category": "external",
"summary": "RHBZ#2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45380"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2022-45381",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence the OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45381"
},
{
"category": "external",
"summary": "RHBZ#2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin"
}
]
}
RHSA-2023:3663
Vulnerability from csaf_redhat - Published: 2023-06-19 10:15 - Updated: 2026-05-16 23:26Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow (CVE-2022-41966)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* Jenkins: XSS vulnerability in plugin manager (CVE-2023-27898)
* Jenkins: Temporary plugin file created with insecure permissions (CVE-2023-27899)
* jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin (CVE-2023-32977)
* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
* springframework: BCrypt skips salt rounds for work factor of 31 (CVE-2022-22976)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)
* jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin (CVE-2023-32981)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Moderate
A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor (31) due to an integer overflow error.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Moderate
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Moderate
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Low
A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Important
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Moderate
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘[‘ or ‘{‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Important
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Moderate
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Important
A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting (XSS) vulnerability, exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
8.8 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Important
A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator’s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.
7.0 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Important
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Low
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src | — |
Threats
Impact
Low
A flaw was found in the Jenkins Pipeline: Job Plugin. Affected versions of Jenkins Pipeline: Job Plugin are vulnerable to Cross-site scripting caused by improper validation of user-supplied input. This flaw allows a remote authenticated attacker to inject malicious script into a Web page, which would then be executed in a victim's Web browser within the security context of the hosting Web site once the page is viewed. The attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Important
A flaw was found in the Jenkins Pipeline Utility Steps Plugin. This flaw allows a remote, authenticated attacker to traverse directories on the system, caused by improper archive file validation. The attacker can use a specially crafted archive file containing "dot dot" sequences (/../) to create or replace arbitrary files on the agent file system with attacker-specified content.
6.3 (Medium)
Affected products
Fixed
2 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src | — |
Threats
Impact
Moderate
References
103 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow (CVE-2022-41966)\n\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* Jenkins: XSS vulnerability in plugin manager (CVE-2023-27898)\n\n* Jenkins: Temporary plugin file created with insecure permissions (CVE-2023-27899)\n\n* jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin (CVE-2023-32977)\n\n* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)\n\n* springframework: BCrypt skips salt rounds for work factor of 31 (CVE-2022-22976)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)\n\n* jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin (CVE-2023-32981)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3663",
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2087214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087214"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "2177626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177626"
},
{
"category": "external",
"summary": "2177629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177629"
},
{
"category": "external",
"summary": "2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "2182864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182864"
},
{
"category": "external",
"summary": "2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "2207830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207830"
},
{
"category": "external",
"summary": "2207835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207835"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3663.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2026-05-16T23:26:22+00:00",
"generator": {
"date": "2026-05-16T23:26:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2023:3663",
"initial_release_date": "2023-06-19T10:15:57+00:00",
"revision_history": [
{
"date": "2023-06-19T10:15:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-19T10:15:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-16T23:26:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.11::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.401.1.1686831596-3.el8.src",
"product": {
"name": "jenkins-0:2.401.1.1686831596-3.el8.src",
"product_id": "jenkins-0:2.401.1.1686831596-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.401.1.1686831596-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.11.1686831822-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.11.1686831822-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.11.1686831822-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1686831822-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.401.1.1686831596-3.el8.noarch",
"product": {
"name": "jenkins-0:2.401.1.1686831596-3.el8.noarch",
"product_id": "jenkins-0:2.401.1.1686831596-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.401.1.1686831596-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1686831822-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.401.1.1686831596-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch"
},
"product_reference": "jenkins-0:2.401.1.1686831596-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.401.1.1686831596-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
},
"product_reference": "jenkins-0:2.401.1.1686831596-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.11.1686831822-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.11.1686831822-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-22976",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-05-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087214"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor (31) due to an integer overflow error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: BCrypt skips salt rounds for work factor of 31",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22976"
},
{
"category": "external",
"summary": "RHBZ#2087214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22976"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22976",
"url": "https://tanzu.vmware.com/security/cve-2022-22976"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: BCrypt skips salt rounds for work factor of 31"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-41966",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 ships an affected version of XStream. No endpoint in any flavor of Fuse is accepting by default an unverified input stream passed directly to XStream unmarshaller. Documentation always recommend all the endpoints (TCP/UDP/HTTP(S)/other listeners) to have at least one layer of authentication/authorization and Fuse in general itself in particular has a lot of mechanisms to protect the endpoints.\n\nRed Hat Single Sign-On contains XStream as a transitive dependency from Infinispan and the same is not affected as NO_REFERENCE is in use.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41966"
},
{
"category": "external",
"summary": "RHBZ#2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv"
}
],
"release_date": "2022-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188542"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1370"
},
{
"category": "external",
"summary": "RHBZ#2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
"url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-03-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: Uncontrolled Recursion in JSONArray",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1436"
},
{
"category": "external",
"summary": "RHBZ#2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/",
"url": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: Uncontrolled Recursion in JSONArray"
},
{
"cve": "CVE-2023-20860",
"cwe": {
"id": "CWE-155",
"name": "Improper Neutralization of Wildcards or Matching Symbols"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20860"
},
{
"category": "external",
"summary": "RHBZ#2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern"
},
{
"cve": "CVE-2023-26464",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182864"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j1-socketappender: DoS via hashmap logging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26464"
},
{
"category": "external",
"summary": "RHBZ#2182864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182864"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26464"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464",
"url": "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464"
}
],
"release_date": "2023-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j1-socketappender: DoS via hashmap logging"
},
{
"cve": "CVE-2023-27898",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting (XSS) vulnerability, exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: XSS vulnerability in plugin manager",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27898"
},
{
"category": "external",
"summary": "RHBZ#2177629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27898"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3037",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3037"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: XSS vulnerability in plugin manager"
},
{
"cve": "CVE-2023-27899",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator\u2019s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary plugin file created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27899"
},
{
"category": "external",
"summary": "RHBZ#2177626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27899",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27899"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27899",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27899"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2823",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2823"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: Temporary plugin file created with insecure permissions"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
},
{
"cve": "CVE-2023-32977",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-05-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2207830"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Pipeline: Job Plugin. Affected versions of Jenkins Pipeline: Job Plugin are vulnerable to Cross-site scripting caused by improper validation of user-supplied input. This flaw allows a remote authenticated attacker to inject malicious script into a Web page, which would then be executed in a victim\u0027s Web browser within the security context of the hosting Web site once the page is viewed. The attacker could use this vulnerability to steal the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is in ELS. Jenkins and its related technologies will not be supported under ELS. Hence, OpenShift 3.11 is marked as affected/won\u0027tfix.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-32977"
},
{
"category": "external",
"summary": "RHBZ#2207830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207830"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-32977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32977"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-32977",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32977"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3042",
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3042"
}
],
"release_date": "2023-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin"
},
{
"cve": "CVE-2023-32981",
"discovery_date": "2023-05-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2207835"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Pipeline Utility Steps Plugin. This flaw allows a remote, authenticated attacker to traverse directories on the system, caused by improper archive file validation. The attacker can use a specially crafted archive file containing \"dot dot\" sequences (/../) to create or replace arbitrary files on the agent file system with attacker-specified content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is in ELS. Jenkins and its related technologies will not be supported under ELS. Hence, OpenShift 3.11 is marked as affected/won\u0027tfix.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-32981"
},
{
"category": "external",
"summary": "RHBZ#2207835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-32981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-32981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32981"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2196",
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2196"
}
],
"release_date": "2023-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:15:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.401.1.1686831596-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1686831822-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin"
}
]
}
WID-SEC-W-2022-0614
Vulnerability from csaf_certbund - Published: 2022-07-07 22:00 - Updated: 2025-04-23 22:00Summary
Eclipse Jetty: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Eclipse Jetty ist ein Java-HTTP-Server und Java-Servlet-Container.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Eclipse Jetty ausnutzen, um einen Denial of Service Angriff durchzuführen und Informationen zu manipulieren.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
IBM Installation Manager 1.4-1.10.1.0
IBM / Installation Manager
|
cpe:/a:ibm:installation_manager:1.4_-_1.10.1.0
|
1.4-1.10.1.0 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
Eclipse Jetty <9.4.48
Eclipse / Jetty
|
<9.4.48 | ||
|
IBM Rational Change 5.3.2.4
IBM / Rational Change
|
cpe:/a:ibm:rational_change:5.3.2.4
|
5.3.2.4 | |
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
4.2.0 | |
|
Eclipse Jetty <10.0.11
Eclipse / Jetty
|
<10.0.11 | ||
|
JFrog Artifactory <7.46.3
JFrog / Artifactory
|
<7.46.3 | ||
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 | |
|
Eclipse Jetty <11.0.11
Eclipse / Jetty
|
<11.0.11 | ||
|
IBM Maximo Asset Management 7.6.1.3
IBM / Maximo Asset Management
|
cpe:/a:ibm:maximo_asset_management:7.6.1.3
|
7.6.1.3 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
IBM Installation Manager 1.4-1.10.1.0
IBM / Installation Manager
|
cpe:/a:ibm:installation_manager:1.4_-_1.10.1.0
|
1.4-1.10.1.0 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
Eclipse Jetty <9.4.48
Eclipse / Jetty
|
<9.4.48 | ||
|
IBM Rational Change 5.3.2.4
IBM / Rational Change
|
cpe:/a:ibm:rational_change:5.3.2.4
|
5.3.2.4 | |
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
4.2.0 | |
|
Eclipse Jetty <10.0.11
Eclipse / Jetty
|
<10.0.11 | ||
|
JFrog Artifactory <7.46.3
JFrog / Artifactory
|
<7.46.3 | ||
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 | |
|
Eclipse Jetty <11.0.11
Eclipse / Jetty
|
<11.0.11 | ||
|
IBM Maximo Asset Management 7.6.1.3
IBM / Maximo Asset Management
|
cpe:/a:ibm:maximo_asset_management:7.6.1.3
|
7.6.1.3 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
IBM Installation Manager 1.4-1.10.1.0
IBM / Installation Manager
|
cpe:/a:ibm:installation_manager:1.4_-_1.10.1.0
|
1.4-1.10.1.0 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
Eclipse Jetty <9.4.48
Eclipse / Jetty
|
<9.4.48 | ||
|
IBM Rational Change 5.3.2.4
IBM / Rational Change
|
cpe:/a:ibm:rational_change:5.3.2.4
|
5.3.2.4 | |
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
4.2.0 | |
|
Eclipse Jetty <10.0.11
Eclipse / Jetty
|
<10.0.11 | ||
|
JFrog Artifactory <7.46.3
JFrog / Artifactory
|
<7.46.3 | ||
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 | |
|
Eclipse Jetty <11.0.11
Eclipse / Jetty
|
<11.0.11 | ||
|
IBM Maximo Asset Management 7.6.1.3
IBM / Maximo Asset Management
|
cpe:/a:ibm:maximo_asset_management:7.6.1.3
|
7.6.1.3 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 |
References
21 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Eclipse Jetty ist ein Java-HTTP-Server und Java-Servlet-Container.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Eclipse Jetty ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und Informationen zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0614 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0614.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0614 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0614"
},
{
"category": "external",
"summary": "Eclipse Jetty Security Advisory vom 2022-07-07",
"url": "https://www.eclipse.org/lists/jetty-announce/msg00171.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5198 vom 2022-08-02",
"url": "https://lists.debian.org/debian-security-announce/2022/msg00167.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3079 vom 2022-08-22",
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities",
"url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6825513 vom 2022-10-01",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-rational-change-fix-pack-04-for-5-3-2/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6829321 vom 2022-10-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-eclipse-jetty-affect-ibm-infosphere-information-server/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6831855 vom 2022-10-26",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-14/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6852233 vom 2022-12-30",
"url": "https://www.ibm.com/support/pages/node/6852233"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0189 vom 2023-01-17",
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6959601 vom 2023-03-02",
"url": "https://www.ibm.com/support/pages/node/6959601"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6965698 vom 2023-03-23",
"url": "https://www.ibm.com/support/pages/node/6965698"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6965816 vom 2023-03-24",
"url": "https://www.ibm.com/support/pages/node/6965816"
},
{
"category": "external",
"summary": "Hitachi Software Vulnerability Information hitachi-sec-2023-117 vom 2023-05-23",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-117/index.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7014699 vom 2023-07-26",
"url": "https://www.ibm.com/support/pages/node/7014699"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7082766 vom 2023-11-28",
"url": "https://www.ibm.com/support/pages/node/7082766"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7153639 vom 2024-05-17",
"url": "https://www.ibm.com/support/pages/node/7153639"
},
{
"category": "external",
"summary": "Brocade Security Advisory BSA-2024-2756 vom 2024-11-02",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25087"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7231640 vom 2025-04-23",
"url": "https://www.ibm.com/support/pages/node/7231640"
}
],
"source_lang": "en-US",
"title": "Eclipse Jetty: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-23T22:00:00.000+00:00",
"generator": {
"date": "2025-04-24T08:12:11.586+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-0614",
"initial_release_date": "2022-07-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-07-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-08-02T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-08-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-01-01T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-02T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-22T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-23T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-05-22T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-07-26T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-11-27T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-16T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-03T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von BROCADE aufgenommen"
},
{
"date": "2025-04-23T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "18"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.3.1a",
"product": {
"name": "Broadcom Brocade SANnav \u003c2.3.1a",
"product_id": "T038317"
}
},
{
"category": "product_version",
"name": "2.3.1a",
"product": {
"name": "Broadcom Brocade SANnav 2.3.1a",
"product_id": "T038317-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:broadcom:brocade_sannav:2.3.1a"
}
}
}
],
"category": "product_name",
"name": "Brocade SANnav"
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4.48",
"product": {
"name": "Eclipse Jetty \u003c9.4.48",
"product_id": "T023771"
}
},
{
"category": "product_version",
"name": "9.4.48",
"product": {
"name": "Eclipse Jetty 9.4.48",
"product_id": "T023771-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:eclipse:jetty:9.4.48"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.11",
"product": {
"name": "Eclipse Jetty \u003c10.0.11",
"product_id": "T023772"
}
},
{
"category": "product_version",
"name": "10.0.11",
"product": {
"name": "Eclipse Jetty 10.0.11",
"product_id": "T023772-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:eclipse:jetty:10.0.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.11",
"product": {
"name": "Eclipse Jetty \u003c11.0.11",
"product_id": "T023773"
}
},
{
"category": "product_version",
"name": "11.0.11",
"product": {
"name": "Eclipse Jetty 11.0.11",
"product_id": "T023773-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:eclipse:jetty:11.0.11"
}
}
}
],
"category": "product_name",
"name": "Jetty"
}
],
"category": "vendor",
"name": "Eclipse"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version",
"name": "1.4-1.10.1.0",
"product": {
"name": "IBM Installation Manager 1.4-1.10.1.0",
"product_id": "T043115",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:installation_manager:1.4_-_1.10.1.0"
}
}
}
],
"category": "product_name",
"name": "Installation Manager"
},
{
"category": "product_name",
"name": "IBM Integration Bus",
"product": {
"name": "IBM Integration Bus",
"product_id": "T011169",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "7.6.1.3",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.3",
"product_id": "1234217",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3"
}
}
}
],
"category": "product_name",
"name": "Maximo Asset Management"
},
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T024775",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "5.3.2.4",
"product": {
"name": "IBM Rational Change 5.3.2.4",
"product_id": "T024761",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_change:5.3.2.4"
}
}
}
],
"category": "product_name",
"name": "Rational Change"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.14",
"product": {
"name": "IBM Spectrum Protect \u003c10.1.14",
"product_id": "T026783"
}
},
{
"category": "product_version",
"name": "10.1.14",
"product": {
"name": "IBM Spectrum Protect 10.1.14",
"product_id": "T026783-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:10.1.14"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
"product_id": "T025729",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"branches": [
{
"category": "product_version",
"name": "4.2.0",
"product": {
"name": "IBM Tivoli Network Manager 4.2.0",
"product_id": "T025751",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.46.3",
"product": {
"name": "JFrog Artifactory \u003c7.46.3",
"product_id": "T024764"
}
},
{
"category": "product_version",
"name": "7.46.3",
"product": {
"name": "JFrog Artifactory 7.46.3",
"product_id": "T024764-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:jfrog:artifactory:7.46.3"
}
}
}
],
"category": "product_name",
"name": "Artifactory"
}
],
"category": "vendor",
"name": "JFrog"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2048",
"product_status": {
"known_affected": [
"T038317",
"67646",
"T011169",
"T017562",
"T022954",
"T025729",
"T043115",
"2951",
"444803",
"T023771",
"T024761",
"T025751",
"T023772",
"T024764",
"T024775",
"T023773",
"1234217",
"T026783"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-2048"
},
{
"cve": "CVE-2022-2191",
"product_status": {
"known_affected": [
"T038317",
"67646",
"T011169",
"T017562",
"T022954",
"T025729",
"T043115",
"2951",
"444803",
"T023771",
"T024761",
"T025751",
"T023772",
"T024764",
"T024775",
"T023773",
"1234217",
"T026783"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-2191"
},
{
"cve": "CVE-2022-2047",
"product_status": {
"known_affected": [
"T038317",
"67646",
"T011169",
"T017562",
"T022954",
"T025729",
"T043115",
"2951",
"444803",
"T023771",
"T024761",
"T025751",
"T023772",
"T024764",
"T024775",
"T023773",
"1234217",
"T026783"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-2047"
}
]
}
WID-SEC-W-2022-1373
Vulnerability from csaf_certbund - Published: 2022-09-11 22:00 - Updated: 2023-06-19 22:00Summary
Jenkins: Schwachstelle ermöglicht Denial of Service
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Jenkins ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
- Sonstiges
Es existiert eine Schwachstelle in Jenkins. Der Fehler liegt in der Behandlung von ungültigen HTTP/2-Anfragen durch Jetty. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
JFrog Artifactory < 7.46.3
JFrog
|
cpe:/a:jfrog:artifactory:7.46.3
|
— |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterst\u00fctzung bei Softwareentwicklungen aller Art.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Jenkins ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1373 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1373.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1373 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1373"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3663 vom 2023-06-19",
"url": "https://access.redhat.com/errata/RHSA-2023:3663"
},
{
"category": "external",
"summary": "Jenkins Security Advisory 2022-09-09 vom 2022-09-11",
"url": "https://www.jenkins.io/security/advisory/2022-09-09/"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities",
"url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0017 vom 2023-01-12",
"url": "https://access.redhat.com/errata/RHSA-2023:0017"
}
],
"source_lang": "en-US",
"title": "Jenkins: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2023-06-19T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:34:58.348+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1373",
"initial_release_date": "2022-09-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-01-12T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-19T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "JFrog Artifactory \u003c 7.46.3",
"product": {
"name": "JFrog Artifactory \u003c 7.46.3",
"product_id": "T024764",
"product_identification_helper": {
"cpe": "cpe:/a:jfrog:artifactory:7.46.3"
}
}
}
],
"category": "vendor",
"name": "JFrog"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Jenkins Jenkins weekly \u003c 2.363",
"product": {
"name": "Jenkins Jenkins weekly \u003c 2.363",
"product_id": "T024525",
"product_identification_helper": {
"cpe": "cpe:/a:cloudbees:jenkins:weekly__2.363"
}
}
},
{
"category": "product_name",
"name": "Jenkins Jenkins LTS \u003c 2.361.1",
"product": {
"name": "Jenkins Jenkins LTS \u003c 2.361.1",
"product_id": "T024526",
"product_identification_helper": {
"cpe": "cpe:/a:cloudbees:jenkins:lts__2.361.1"
}
}
}
],
"category": "product_name",
"name": "Jenkins"
}
],
"category": "vendor",
"name": "Jenkins"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Jenkins. Der Fehler liegt in der Behandlung von ung\u00fcltigen HTTP/2-Anfragen durch Jetty. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"product_status": {
"known_affected": [
"67646",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-2048"
}
]
}
WID-SEC-W-2023-0027
Vulnerability from csaf_certbund - Published: 2023-01-04 23:00 - Updated: 2023-02-23 23:00Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager 4.2.0
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Tivoli Network Manager <= 4.2.0.15
IBM / Tivoli Network Manager
|
cpe:/a:ibm:tivoli_network_manager:4.2.0.15
|
— |
References
7 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Tivoli Network Manager ist eine Netzanalysesoftware f\u00fcr das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0027 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0027.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0027 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0027"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6958056 vom 2023-02-24",
"url": "https://www.ibm.com/support/pages/node/6958056"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-01-04",
"url": "https://www.ibm.com/support/pages/node/6852633"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-01-04",
"url": "https://www.ibm.com/support/pages/node/6852613"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-01-04",
"url": "https://www.ibm.com/support/pages/node/6852611"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-01-04",
"url": "https://www.ibm.com/support/pages/node/6852609"
}
],
"source_lang": "en-US",
"title": "IBM Tivoli Network Manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-02-23T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:40:51.947+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0027",
"initial_release_date": "2023-01-04T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-04T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Tivoli Network Manager \u003c= 4.2.0.15",
"product": {
"name": "IBM Tivoli Network Manager \u003c= 4.2.0.15",
"product_id": "T024051",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0.15"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager 4.2.0",
"product": {
"name": "IBM Tivoli Network Manager 4.2.0",
"product_id": "T025751",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2022-2048"
},
{
"cve": "CVE-2022-2047",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2022-2047"
},
{
"cve": "CVE-2021-41033",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2021-41033"
},
{
"cve": "CVE-2020-36518",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2020-36518"
},
{
"cve": "CVE-2020-11987",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2020-11987"
},
{
"cve": "CVE-2019-17566",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2019-17566"
},
{
"cve": "CVE-2018-8013",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2018-8013"
},
{
"cve": "CVE-2017-5662",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2017-5662"
},
{
"cve": "CVE-2016-3506",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2016-3506"
},
{
"cve": "CVE-2015-0250",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2015-0250"
},
{
"cve": "CVE-2009-4521",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2009-4521"
},
{
"cve": "CVE-2009-4269",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2009-4269"
},
{
"cve": "CVE-2007-2378",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025751"
],
"last_affected": [
"T024051"
]
},
"release_date": "2023-01-04T23:00:00.000+00:00",
"title": "CVE-2007-2378"
}
]
}
WID-SEC-W-2023-0133
Vulnerability from csaf_certbund - Published: 2023-01-17 23:00 - Updated: 2023-01-17 23:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.12.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.12.0
|
— | |
|
Oracle Financial Services Applications 2.6.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.2
|
— | |
|
Oracle Financial Services Applications 2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 2.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8.0
|
— | |
|
Oracle Financial Services Applications 2.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0133 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0133.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0133 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0133"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2023 - Appendix Oracle Financial Services Applications vom 2023-01-17",
"url": "https://www.oracle.com/security-alerts/cpujan2023.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-01-17T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:41:48.127+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0133",
"initial_release_date": "2023-01-17T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.6.2",
"product": {
"name": "Oracle Financial Services Applications 2.6.2",
"product_id": "T018977",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.6.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.7.0",
"product": {
"name": "Oracle Financial Services Applications 2.7.0",
"product_id": "T018978",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.7.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.7.1",
"product": {
"name": "Oracle Financial Services Applications 2.7.1",
"product_id": "T018979",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.7.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.8.0",
"product": {
"name": "Oracle Financial Services Applications 2.8.0",
"product_id": "T018980",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.8.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.9.0",
"product": {
"name": "Oracle Financial Services Applications 2.9.0",
"product_id": "T018981",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.12.0",
"product": {
"name": "Oracle Financial Services Applications 2.12.0",
"product_id": "T019885",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.12.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.3.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.3.1",
"product_id": "T025878",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.3.1"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-42252",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-38752",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-38752"
},
{
"cve": "CVE-2022-36033",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-33980",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-33980"
},
{
"cve": "CVE-2022-3171",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019885",
"T018977",
"T018978",
"T025878",
"T018979",
"T018980",
"T018981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-2048"
}
]
}
WID-SEC-W-2023-0137
Vulnerability from csaf_certbund - Published: 2023-01-17 23:00 - Updated: 2024-11-21 23:00Summary
Oracle Communications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
Oracle Communications 22.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.0
|
22.2.0 | |
|
Oracle Communications 1.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:1.11.0
|
1.11.0 | |
|
Oracle Communications 22.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.1
|
22.2.1 | |
|
Oracle Communications 22.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.1
|
22.1.1 | |
|
Oracle Communications 10.4.0.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:10.4.0.4.1
|
10.4.0.4.1 | |
|
Oracle Communications 22.3.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.1
|
22.3.1 | |
|
Oracle Communications 8.2.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.2.3.0
|
8.2.3.0 | |
|
Oracle Communications 22.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.0.0.0.0
|
22.0.0.0.0 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Communications 22.2.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.3
|
22.2.3 | |
|
Oracle Communications 22.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0
|
22.1.0 | |
|
Oracle Communications 22.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.2
|
22.2.2 | |
|
Oracle Communications 22.4.1
Oracle / Communications
|
cpe:/a:oracle:communications:22.4.1
|
22.4.1 | |
|
Oracle Communications 22.3.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.4
|
22.3.4 | |
|
Oracle Communications 22.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.0
|
22.3.0 | |
|
Oracle Communications 22.3.2
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.2
|
22.3.2 | |
|
Oracle Communications 8.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.0.0
|
8.0.0 | |
|
Oracle Communications 7.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:7.1.0
|
7.1.0 | |
|
Oracle Communications 22.3.3
Oracle / Communications
|
cpe:/a:oracle:communications:22.3.3
|
22.3.3 | |
|
Oracle Communications 8.6.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:8.6.0.0
|
8.6.0.0 | |
|
Oracle Communications 22.2.4
Oracle / Communications
|
cpe:/a:oracle:communications:22.2.4
|
22.2.4 | |
|
Oracle Communications 22.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:22.1.0.0.0
|
22.1.0.0.0 | |
|
IBM Security Guardium 11.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.5
|
11.5 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=22.4.0
Oracle / Communications
|
<=22.4.0 |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0137 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0137.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0137 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0137"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2023 - Appendix Oracle Communications vom 2023-01-17",
"url": "https://www.oracle.com/security-alerts/cpujan2023.html#AppendixCGBU"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6963077 vom 2023-03-13",
"url": "https://www.ibm.com/support/pages/node/6963077"
},
{
"category": "external",
"summary": "Hitachi Software Vulnerability Information hitachi-sec-2023-117 vom 2023-05-23",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-117/index.html"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX24-017 vom 2024-11-21",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Oracle Communications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-21T23:00:00.000+00:00",
"generator": {
"date": "2024-11-22T10:07:31.213+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2023-0137",
"initial_release_date": "2023-01-17T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-03-13T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-05-22T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2024-11-21T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.3",
"product": {
"name": "IBM Security Guardium 11.3",
"product_id": "1048943",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.3"
}
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM Security Guardium 11.5",
"product_id": "T026399",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.5"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.11.0",
"product": {
"name": "Oracle Communications 1.11.0",
"product_id": "T020684",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:1.11.0"
}
}
},
{
"category": "product_version",
"name": "22.1.0",
"product": {
"name": "Oracle Communications 22.1.0",
"product_id": "T022812",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.1.0"
}
}
},
{
"category": "product_version",
"name": "22.2.0",
"product": {
"name": "Oracle Communications 22.2.0",
"product_id": "T023908",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.2.0"
}
}
},
{
"category": "product_version",
"name": "22.1.1",
"product": {
"name": "Oracle Communications 22.1.1",
"product_id": "T023910",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.1.1"
}
}
},
{
"category": "product_version",
"name": "22.2.1",
"product": {
"name": "Oracle Communications 22.2.1",
"product_id": "T024969",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.2.1"
}
}
},
{
"category": "product_version",
"name": "8.6.0.0",
"product": {
"name": "Oracle Communications 8.6.0.0",
"product_id": "T024970",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:8.6.0.0"
}
}
},
{
"category": "product_version",
"name": "22.3.0",
"product": {
"name": "Oracle Communications 22.3.0",
"product_id": "T024974",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.3.0"
}
}
},
{
"category": "product_version",
"name": "22.2.2",
"product": {
"name": "Oracle Communications 22.2.2",
"product_id": "T024978",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.2.2"
}
}
},
{
"category": "product_version",
"name": "22.2.3",
"product": {
"name": "Oracle Communications 22.2.3",
"product_id": "T024979",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.2.3"
}
}
},
{
"category": "product_version",
"name": "22.3.1",
"product": {
"name": "Oracle Communications 22.3.1",
"product_id": "T024980",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.3.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=22.4.0",
"product": {
"name": "Oracle Communications \u003c=22.4.0",
"product_id": "T024981"
}
},
{
"category": "product_version_range",
"name": "\u003c=22.4.0",
"product": {
"name": "Oracle Communications \u003c=22.4.0",
"product_id": "T024981-fixed"
}
},
{
"category": "product_version",
"name": "22.3.3",
"product": {
"name": "Oracle Communications 22.3.3",
"product_id": "T025862",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.3.3"
}
}
},
{
"category": "product_version",
"name": "22.1.0.0.0",
"product": {
"name": "Oracle Communications 22.1.0.0.0",
"product_id": "T025863",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "22.2.4",
"product": {
"name": "Oracle Communications 22.2.4",
"product_id": "T025864",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.2.4"
}
}
},
{
"category": "product_version",
"name": "22.3.2",
"product": {
"name": "Oracle Communications 22.3.2",
"product_id": "T025865",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.3.2"
}
}
},
{
"category": "product_version",
"name": "22.3.4",
"product": {
"name": "Oracle Communications 22.3.4",
"product_id": "T025866",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.3.4"
}
}
},
{
"category": "product_version",
"name": "7.1.0",
"product": {
"name": "Oracle Communications 7.1.0",
"product_id": "T025867",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:7.1.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0",
"product": {
"name": "Oracle Communications 8.0.0",
"product_id": "T025868",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:8.0.0"
}
}
},
{
"category": "product_version",
"name": "22.4.1",
"product": {
"name": "Oracle Communications 22.4.1",
"product_id": "T025869",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.4.1"
}
}
},
{
"category": "product_version",
"name": "22.0.0.0.0",
"product": {
"name": "Oracle Communications 22.0.0.0.0",
"product_id": "T025870",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:22.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.2.3.0",
"product": {
"name": "Oracle Communications 8.2.3.0",
"product_id": "T025871",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:8.2.3.0"
}
}
},
{
"category": "product_version",
"name": "10.4.0.4.1",
"product": {
"name": "Oracle Communications 10.4.0.4.1",
"product_id": "T025872",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:10.4.0.4.1"
}
}
}
],
"category": "product_name",
"name": "Communications"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1273",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2018-1273"
},
{
"cve": "CVE-2020-10735",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2020-10735"
},
{
"cve": "CVE-2021-40528",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2021-40528"
},
{
"cve": "CVE-2022-0084",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-0084"
},
{
"cve": "CVE-2022-0492",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-0492"
},
{
"cve": "CVE-2022-0934",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-0934"
},
{
"cve": "CVE-2022-1304",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-1304"
},
{
"cve": "CVE-2022-1319",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-1319"
},
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-2048"
},
{
"cve": "CVE-2022-2053",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-2053"
},
{
"cve": "CVE-2022-21824",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-21824"
},
{
"cve": "CVE-2022-22970",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-22970"
},
{
"cve": "CVE-2022-22971",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-22971"
},
{
"cve": "CVE-2022-24407",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-24903",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-24903"
},
{
"cve": "CVE-2022-2509",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-2509"
},
{
"cve": "CVE-2022-2526",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-2526"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-25647",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-25647"
},
{
"cve": "CVE-2022-25857",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-25857"
},
{
"cve": "CVE-2022-27404",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-27404"
},
{
"cve": "CVE-2022-29824",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-3028",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-30293",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-30293"
},
{
"cve": "CVE-2022-31129",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-31129"
},
{
"cve": "CVE-2022-31629",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-31629"
},
{
"cve": "CVE-2022-31692",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-31692"
},
{
"cve": "CVE-2022-3171",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-34305",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-34305"
},
{
"cve": "CVE-2022-3510",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-3510"
},
{
"cve": "CVE-2022-37434",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-38752",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-38752"
},
{
"cve": "CVE-2022-40304",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-4147",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-4147"
},
{
"cve": "CVE-2022-41881",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42252",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2022-42889",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42889"
},
{
"cve": "CVE-2022-42915",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-43403",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-43403"
},
{
"cve": "CVE-2023-21890",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1048943",
"T023908",
"T020684",
"T024969",
"T023910",
"T025872",
"T024980",
"T025871",
"T025870",
"T015632",
"T017562",
"T024979",
"T022812",
"T024978",
"T025869",
"T025866",
"T024974",
"T025865",
"T025868",
"T025867",
"T025862",
"T024970",
"T025864",
"T025863",
"T026399"
],
"last_affected": [
"T024981"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2023-21890"
}
]
}
WID-SEC-W-2023-1017
Vulnerability from csaf_certbund - Published: 2023-04-18 22:00 - Updated: 2023-04-18 22:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.2.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.3
|
— | |
|
Oracle Financial Services Applications 22.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2
|
— | |
|
Oracle Financial Services Applications 2.9.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.4.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4.1
|
— | |
|
Oracle Financial Services Applications 2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.8
|
— | |
|
Oracle Financial Services Applications 18.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2
|
— | |
|
Oracle Financial Services Applications 3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.2
|
— | |
|
Oracle Financial Services Applications 4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:4.0
|
— | |
|
Oracle Financial Services Applications 3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.0
|
— | |
|
Oracle Financial Services Applications 3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:3.1
|
— | |
|
Oracle Financial Services Applications 11.10
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.10
|
— | |
|
Oracle Financial Services Applications 8.1.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.0
|
— | |
|
Oracle Financial Services Applications 11.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.8
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 8.1.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.1
|
— | |
|
Oracle Financial Services Applications 11.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.0
|
— | |
|
Oracle Financial Services Applications 18.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3
|
— | |
|
Oracle Financial Services Applications 2.7.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.7
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.0
|
— | |
|
Oracle Financial Services Applications 11.11
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.11
|
— | |
|
Oracle Financial Services Applications 8.0.7.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.1.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0.0
|
— | |
|
Oracle Financial Services Applications 11.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:11.6
|
— | |
|
Oracle Financial Services Applications 8.1.2.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2.1
|
— | |
|
Oracle Financial Services Applications 8.0.7.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.3.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.0.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0.1.4
|
— | |
|
Oracle Financial Services Applications 8.1.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1.1
|
— | |
|
Oracle Financial Services Applications 2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.7
|
— | |
|
Oracle Financial Services Applications 2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.9.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.0
|
— | |
|
Oracle Financial Services Applications 8.1.2.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.2
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.1
|
— | |
|
Oracle Financial Services Applications 21.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1
|
— | |
|
Oracle Financial Services Applications 8.1.1.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.2.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.3.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.3.5
|
— | |
|
Oracle Financial Services Applications 19.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2
|
— | |
|
Oracle Financial Services Applications 8.0.7.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8.1
|
— | |
|
Oracle Financial Services Applications 19.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2.1
|
— | |
|
Oracle Financial Services Applications 22.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1017 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1017.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1017 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1017"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2023 - Appendix Oracle Financial Services Applications vom 2023-04-18",
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-18T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:49:16.791+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1017",
"initial_release_date": "2023-04-18T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.7.1",
"product": {
"name": "Oracle Financial Services Applications 2.7.1",
"product_id": "T018979",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.7.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 11.7",
"product": {
"name": "Oracle Financial Services Applications 11.7",
"product_id": "T020695",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:11.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 11.8",
"product": {
"name": "Oracle Financial Services Applications 11.8",
"product_id": "T020696",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:11.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 11.10",
"product": {
"name": "Oracle Financial Services Applications 11.10",
"product_id": "T020698",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:11.10"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 18.3",
"product": {
"name": "Oracle Financial Services Applications 18.3",
"product_id": "T021669",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:18.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 19.1",
"product": {
"name": "Oracle Financial Services Applications 19.1",
"product_id": "T021670",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:19.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 19.2",
"product": {
"name": "Oracle Financial Services Applications 19.2",
"product_id": "T021671",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:19.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 21.1",
"product": {
"name": "Oracle Financial Services Applications 21.1",
"product_id": "T021673",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:21.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.0",
"product_id": "T022833",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.0",
"product_id": "T022834",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.1",
"product_id": "T022835",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.9.0",
"product": {
"name": "Oracle Financial Services Applications 8.0.9.0",
"product_id": "T022840",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.9.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.0",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.0",
"product_id": "T022841",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1",
"product_id": "T022844",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.0.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.0.0",
"product_id": "T023923",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.1",
"product_id": "T023924",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.7.0",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.0",
"product_id": "T023925",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.7",
"product": {
"name": "Oracle Financial Services Applications 2.7",
"product_id": "T023927",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.9",
"product": {
"name": "Oracle Financial Services Applications 2.9",
"product_id": "T023928",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.2",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.2",
"product_id": "T024988",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.2",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.2",
"product_id": "T024990",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.3.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.3.1",
"product_id": "T025878",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.3.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications \u003c= 14.7",
"product": {
"name": "Oracle Financial Services Applications \u003c= 14.7",
"product_id": "T027348",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 22.1",
"product": {
"name": "Oracle Financial Services Applications 22.1",
"product_id": "T027349",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 22.2",
"product": {
"name": "Oracle Financial Services Applications 22.2",
"product_id": "T027350",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.4",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.4",
"product_id": "T027351",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.4"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.3",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.3",
"product_id": "T027352",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.8",
"product": {
"name": "Oracle Financial Services Applications 2.8",
"product_id": "T027353",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 18.2",
"product": {
"name": "Oracle Financial Services Applications 18.2",
"product_id": "T027354",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:18.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.4.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.4.1",
"product_id": "T027358",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.4.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 2.9.1",
"product": {
"name": "Oracle Financial Services Applications 2.9.1",
"product_id": "T027359",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 3.0",
"product": {
"name": "Oracle Financial Services Applications 3.0",
"product_id": "T027360",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:3.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 3.1",
"product": {
"name": "Oracle Financial Services Applications 3.1",
"product_id": "T027361",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:3.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 3.2",
"product": {
"name": "Oracle Financial Services Applications 3.2",
"product_id": "T027362",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:3.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 4.0",
"product": {
"name": "Oracle Financial Services Applications 4.0",
"product_id": "T027363",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:4.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.0.0",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.0.0",
"product_id": "T027364",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 11.6",
"product": {
"name": "Oracle Financial Services Applications 11.6",
"product_id": "T027365",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:11.6"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 11.11",
"product": {
"name": "Oracle Financial Services Applications 11.11",
"product_id": "T027366",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:11.11"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.7.1.2",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.1.2",
"product_id": "T027367",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.1.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1.1.7",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.1.7",
"product_id": "T027368",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.7.8.0",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.8.0",
"product_id": "T027369",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1.1.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.1.1",
"product_id": "T027370",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.1.4",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1.4",
"product_id": "T027371",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1.4"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.0.1.4",
"product": {
"name": "Oracle Financial Services Applications 8.1.0.1.4",
"product_id": "T027372",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.0.1.4"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.2.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.2.1",
"product_id": "T027373",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.2.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.7.3.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.3.1",
"product_id": "T027374",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.3.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.7.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.8.1",
"product_id": "T027375",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.2.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.2.1",
"product_id": "T027376",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.2.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1.2.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.2.0",
"product_id": "T027377",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.2.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.3.5",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.3.5",
"product_id": "T027378",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.3.5"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28708",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-28708"
},
{
"cve": "CVE-2023-25194",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-25194"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-21915",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21915"
},
{
"cve": "CVE-2023-21908",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21908"
},
{
"cve": "CVE-2023-21907",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21907"
},
{
"cve": "CVE-2023-21906",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21906"
},
{
"cve": "CVE-2023-21905",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21905"
},
{
"cve": "CVE-2023-21904",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21904"
},
{
"cve": "CVE-2023-21903",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21903"
},
{
"cve": "CVE-2023-21902",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2023-21902"
},
{
"cve": "CVE-2022-46908",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-46908"
},
{
"cve": "CVE-2022-46364",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-46364"
},
{
"cve": "CVE-2022-43680",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-43680"
},
{
"cve": "CVE-2022-42890",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-42890"
},
{
"cve": "CVE-2022-42889",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-42889"
},
{
"cve": "CVE-2022-42252",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-41881",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-40146",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-40146"
},
{
"cve": "CVE-2022-38752",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-38752"
},
{
"cve": "CVE-2022-36033",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-3171",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-29577",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-29577"
},
{
"cve": "CVE-2022-25647",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-25647"
},
{
"cve": "CVE-2022-24839",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-24839"
},
{
"cve": "CVE-2022-23437",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-22979",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-22979"
},
{
"cve": "CVE-2022-22978",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-22978"
},
{
"cve": "CVE-2022-22971",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-22971"
},
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-2048"
},
{
"cve": "CVE-2021-43859",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2021-43859"
},
{
"cve": "CVE-2021-41184",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-36090",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2021-36090"
},
{
"cve": "CVE-2021-29425",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2020-11988",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2020-11988"
},
{
"cve": "CVE-2019-12415",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T027352",
"T027350",
"T027359",
"T027358",
"T027353",
"T027354",
"T027362",
"T027363",
"T027360",
"T027361",
"T020698",
"T022833",
"T022834",
"T023923",
"T020696",
"T022835",
"T023924",
"T020695",
"T023925",
"T021669",
"T018979",
"T027368",
"T027369",
"T027366",
"T027367",
"T027364",
"T027365",
"T027373",
"T027374",
"T027371",
"T027372",
"T027370",
"T023927",
"T023928",
"T022844",
"T022840",
"T022841",
"T024988",
"T025878",
"T021673",
"T027377",
"T027378",
"T021671",
"T027375",
"T021670",
"T027376",
"T027349",
"T024990"
],
"last_affected": [
"T027348"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2019-12415"
}
]
}
WID-SEC-W-2023-1808
Vulnerability from csaf_certbund - Published: 2023-07-18 22:00 - Updated: 2023-07-18 22:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.2.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.4
|
— | |
|
Oracle Financial Services Applications 8.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1
|
— | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
— | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
— | |
|
Oracle Financial Services Applications 8.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.0
|
— | |
|
Oracle Financial Services Applications 8.0.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7
|
— | |
|
Oracle Financial Services Applications 14.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0
|
— | |
|
Oracle Financial Services Applications 8.1.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2
|
— | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
— | |
|
Oracle Financial Services Applications 14.6.0.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.3.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.1.0
|
— | |
|
Oracle Financial Services Applications 14.6.0.4.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.4.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.5.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.8.0
|
— | |
|
Oracle Financial Services Applications 14.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6
|
— | |
|
Oracle Financial Services Applications 19.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 19.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:19.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 18.3.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:18.3.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.1.1.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.1
|
— | |
|
Oracle Financial Services Applications 14.7.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.1.0.0
|
— | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
— | |
|
Oracle Financial Services Applications 14.7.0.2.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.2.0
|
— | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
— | |
|
Oracle Financial Services Applications 8.0.8.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.2
|
— | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
— |
Last affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <= 14.3
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.3
|
— | |
|
Oracle Financial Services Applications <= 14.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1808 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1808.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1808 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1808"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2023 - Appendix Oracle Financial Services Applications vom 2023-07-18",
"url": "https://www.oracle.com/security-alerts/cpujul2023.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-07-18T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:55:51.752+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1808",
"initial_release_date": "2023-07-18T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-07-18T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.0",
"product_id": "T018983",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications \u003c= 14.3",
"product": {
"name": "Oracle Financial Services Applications \u003c= 14.3",
"product_id": "T019887",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.1",
"product_id": "T019891",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.7",
"product": {
"name": "Oracle Financial Services Applications 8.0.7",
"product_id": "T021676",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.8",
"product_id": "T021677",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.1.1",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.1",
"product_id": "T022835",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1",
"product_id": "T022844",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.0.8.2",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.2",
"product_id": "T024990",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications \u003c= 14.7",
"product": {
"name": "Oracle Financial Services Applications \u003c= 14.7",
"product_id": "T027348",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.4",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.4",
"product_id": "T027351",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.4"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.6",
"product": {
"name": "Oracle Financial Services Applications 14.6",
"product_id": "T027355",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.6"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 18.2.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 18.2.0.0.0",
"product_id": "T028691",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:18.2.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 18.3.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 18.3.0.0.0",
"product_id": "T028692",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:18.3.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 19.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 19.1.0.0.0",
"product_id": "T028693",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:19.1.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 19.2.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 19.2.0.0.0",
"product_id": "T028694",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:19.2.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 21.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 21.1.0.0.0",
"product_id": "T028695",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:21.1.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 22.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 22.1.0.0.0",
"product_id": "T028696",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.1.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 22.2.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 22.2.0.0.0",
"product_id": "T028697",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.2.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.7.0.2.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.2.0",
"product_id": "T028698",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.2.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.7.1.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.1.0.0",
"product_id": "T028699",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.1.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.5.0.8.0",
"product": {
"name": "Oracle Financial Services Applications 14.5.0.8.0",
"product_id": "T028700",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.5.0.8.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.6.0.4.0",
"product": {
"name": "Oracle Financial Services Applications 14.6.0.4.0",
"product_id": "T028701",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.6.0.4.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.7.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.0.0",
"product_id": "T028702",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.6.0.3.0",
"product": {
"name": "Oracle Financial Services Applications 14.6.0.3.0",
"product_id": "T028703",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.6.0.3.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.7.0.1.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.1.0",
"product_id": "T028704",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.1.0"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2",
"product": {
"name": "Oracle Financial Services Applications 8.1.2",
"product_id": "T028705",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 8.1.2.5",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.5",
"product_id": "T028706",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
}
}
},
{
"category": "product_name",
"name": "Oracle Financial Services Applications 14.7.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0",
"product_id": "T028707",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28708",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-28708"
},
{
"cve": "CVE-2023-28439",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-28439"
},
{
"cve": "CVE-2023-25194",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-25194"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-20863",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-20863"
},
{
"cve": "CVE-2023-20861",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-20861"
},
{
"cve": "CVE-2023-1436",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-1436"
},
{
"cve": "CVE-2023-1370",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2023-1370"
},
{
"cve": "CVE-2022-48285",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-48285"
},
{
"cve": "CVE-2022-46364",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-46364"
},
{
"cve": "CVE-2022-45693",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2022-45199",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-45199"
},
{
"cve": "CVE-2022-45143",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-45143"
},
{
"cve": "CVE-2022-45047",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-45047"
},
{
"cve": "CVE-2022-42890",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-42890"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-41966",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-41966"
},
{
"cve": "CVE-2022-41881",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-36033",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-33879",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-33879"
},
{
"cve": "CVE-2022-3171",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-31692",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-31692"
},
{
"cve": "CVE-2022-31129",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-31129"
},
{
"cve": "CVE-2022-2048",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-2048"
},
{
"cve": "CVE-2022-1471",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2021-37533",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2020-13936",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T027351",
"T019891",
"T021677",
"T022844",
"T018983",
"T021676",
"T028707",
"T028705",
"T028706",
"T028703",
"T028704",
"T028701",
"T028702",
"T028700",
"T027355",
"T028693",
"T028694",
"T028691",
"T028692",
"T022835",
"T028699",
"T028697",
"T028698",
"T028695",
"T024990",
"T028696"
],
"last_affected": [
"T019887",
"T027348"
]
},
"release_date": "2023-07-18T22:00:00.000+00:00",
"title": "CVE-2020-13936"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…