Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-29857 (GCVE-0-2024-29857)
Vulnerability from cvelistv5 – Published: 2024-05-09 04:17 – Updated: 2025-02-13 15:47
VLAI
EPSS
Summary
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-12-06T13:09:29.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.bouncycastle.org/latest_releases.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241206-0008/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bc-java",
"vendor": "bouncycastle",
"versions": [
{
"lessThanOrEqual": "1.77",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:bouncycastle:bc-fja:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bc-fja",
"vendor": "bouncycastle",
"versions": [
{
"lessThanOrEqual": "1.0.2.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:bouncycastle:bc_c_.net:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bc_c_.net",
"vendor": "bouncycastle",
"versions": [
{
"lessThanOrEqual": "2.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29857",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T19:32:50.624122Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T18:48:02.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-13T16:50:06.548Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.bouncycastle.org/latest_releases.html"
},
{
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857"
},
{
"url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-29857",
"datePublished": "2024-05-09T04:17:29.645Z",
"dateReserved": "2024-03-21T00:00:00.000Z",
"dateUpdated": "2025-02-13T15:47:48.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-29857",
"date": "2026-05-30",
"epss": "0.00259",
"percentile": "0.49433"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-29857\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-05-14T15:17:02.970\",\"lastModified\":\"2024-12-06T14:15:20.263\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en ECCurve.java y ECCurve.cs en Bouncy Castle Java (BC Java) antes de 1.78, BC Java LTS antes de 2.73.6, BC-FJA antes de 1.0.2.5 y BC C# .Net antes de 2.3.1. La importaci\u00f3n de un certificado CE con par\u00e1metros F2m modificados puede provocar un consumo excesivo de CPU durante la evaluaci\u00f3n de los par\u00e1metros de la curva.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.bouncycastle.org/latest_releases.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20241206-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.bouncycastle.org/latest_releases.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.bouncycastle.org/latest_releases.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241206-0008/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-12-06T13:09:29.357Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29857\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-13T19:32:50.624122Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*\"], \"vendor\": \"bouncycastle\", \"product\": \"bc-java\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.77\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:bouncycastle:bc-fja:*:*:*:*:*:*:*:*\"], \"vendor\": \"bouncycastle\", \"product\": \"bc-fja\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.0.2.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:bouncycastle:bc_c_.net:*:*:*:*:*:*:*:*\"], \"vendor\": \"bouncycastle\", \"product\": \"bc_c_.net\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.3.0\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-13T19:32:39.546Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.bouncycastle.org/latest_releases.html\"}, {\"url\": \"https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857\"}, {\"url\": \"https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-05-13T16:50:06.548Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-29857\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T15:47:48.325Z\", \"dateReserved\": \"2024-03-21T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-05-09T04:17:29.645Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024:5482
Vulnerability from csaf_redhat - Published: 2024-08-15 20:07 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)
* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)
* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)
* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)
* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
68 references
Acknowledgments
Red Hat
Hubert Kario
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)\n\n* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)\n\n* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)\n\n* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)\n\n* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5482",
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "JBEAP-25224",
"url": "https://issues.redhat.com/browse/JBEAP-25224"
},
{
"category": "external",
"summary": "JBEAP-26018",
"url": "https://issues.redhat.com/browse/JBEAP-26018"
},
{
"category": "external",
"summary": "JBEAP-26696",
"url": "https://issues.redhat.com/browse/JBEAP-26696"
},
{
"category": "external",
"summary": "JBEAP-26790",
"url": "https://issues.redhat.com/browse/JBEAP-26790"
},
{
"category": "external",
"summary": "JBEAP-26791",
"url": "https://issues.redhat.com/browse/JBEAP-26791"
},
{
"category": "external",
"summary": "JBEAP-26802",
"url": "https://issues.redhat.com/browse/JBEAP-26802"
},
{
"category": "external",
"summary": "JBEAP-26816",
"url": "https://issues.redhat.com/browse/JBEAP-26816"
},
{
"category": "external",
"summary": "JBEAP-26823",
"url": "https://issues.redhat.com/browse/JBEAP-26823"
},
{
"category": "external",
"summary": "JBEAP-26843",
"url": "https://issues.redhat.com/browse/JBEAP-26843"
},
{
"category": "external",
"summary": "JBEAP-26886",
"url": "https://issues.redhat.com/browse/JBEAP-26886"
},
{
"category": "external",
"summary": "JBEAP-26932",
"url": "https://issues.redhat.com/browse/JBEAP-26932"
},
{
"category": "external",
"summary": "JBEAP-26948",
"url": "https://issues.redhat.com/browse/JBEAP-26948"
},
{
"category": "external",
"summary": "JBEAP-26961",
"url": "https://issues.redhat.com/browse/JBEAP-26961"
},
{
"category": "external",
"summary": "JBEAP-26962",
"url": "https://issues.redhat.com/browse/JBEAP-26962"
},
{
"category": "external",
"summary": "JBEAP-26966",
"url": "https://issues.redhat.com/browse/JBEAP-26966"
},
{
"category": "external",
"summary": "JBEAP-26986",
"url": "https://issues.redhat.com/browse/JBEAP-26986"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27019",
"url": "https://issues.redhat.com/browse/JBEAP-27019"
},
{
"category": "external",
"summary": "JBEAP-27055",
"url": "https://issues.redhat.com/browse/JBEAP-27055"
},
{
"category": "external",
"summary": "JBEAP-27090",
"url": "https://issues.redhat.com/browse/JBEAP-27090"
},
{
"category": "external",
"summary": "JBEAP-27192",
"url": "https://issues.redhat.com/browse/JBEAP-27192"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27261",
"url": "https://issues.redhat.com/browse/JBEAP-27261"
},
{
"category": "external",
"summary": "JBEAP-27262",
"url": "https://issues.redhat.com/browse/JBEAP-27262"
},
{
"category": "external",
"summary": "JBEAP-27327",
"url": "https://issues.redhat.com/browse/JBEAP-27327"
},
{
"category": "external",
"summary": "JBEAP-27356",
"url": "https://issues.redhat.com/browse/JBEAP-27356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5482.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update",
"tracking": {
"current_release_date": "2026-05-05T03:16:26+00:00",
"generator": {
"date": "2026-05-05T03:16:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2024:5482",
"initial_release_date": "2024-08-15T20:07:00+00:00",
"revision_history": [
{
"date": "2024-08-15T20:07:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-15T20:07:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28752",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270732"
}
],
"notes": [
{
"category": "description",
"text": "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28752"
},
{
"category": "external",
"summary": "RHBZ#2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-qmgx-j96g-4428",
"url": "https://github.com/advisories/GHSA-qmgx-j96g-4428"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293028"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29857"
},
{
"category": "external",
"summary": "RHBZ#2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
}
],
"release_date": "2024-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service"
},
{
"acknowledgments": [
{
"names": [
"Hubert Kario"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276360"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30171"
},
{
"category": "external",
"summary": "RHBZ#2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293025"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30172"
},
{
"category": "external",
"summary": "RHBZ#2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172"
},
{
"category": "external",
"summary": "https://www.bouncycastle.org/latest_releases.html",
"url": "https://www.bouncycastle.org/latest_releases.html"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class"
}
]
}
SSA-485750
Vulnerability from csaf_siemens - Published: 2026-03-10 00:00 - Updated: 2026-03-10 00:00Summary
SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800
Notes
Summary: SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.
Siemens has released a new version of SIDIS Prime and recommends to update to the latest version.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
5.9 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.7 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
8.7 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
5.6 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
5.9 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
8.6 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
4.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
4.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
8.6 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
8.0 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
4.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
8.0 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/<4.0.800 |
Vendor Fix
|
References
2 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.\n\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
},
{
"category": "self",
"summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json"
}
],
"title": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800",
"tracking": {
"current_release_date": "2026-03-10T00:00:00.000Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-485750",
"initial_release_date": "2026-03-10T00:00:00.000Z",
"revision_history": [
{
"date": "2026-03-10T00:00:00.000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c4.0.800",
"product": {
"name": "SIDIS Prime",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SIDIS Prime"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-30171"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-41996",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41996"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "summary",
"text": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7783",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.\r\n\r\nThis issue affects form-data: \u003c 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-7783"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-9232",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9232"
},
{
"cve": "CVE-2025-9670",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "summary",
"text": "A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9670"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"notes": [
{
"category": "summary",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: \u003c 6.14.1.\n\n\nSummaryThe arrayLimit\u00a0option in qs does not enforce limits for bracket notation (a[]=1\u0026a[]=2), allowing attackers to cause denial-of-service via memory exhaustion. Applications using arrayLimit\u00a0for DoS protection are vulnerable.\n\nDetailsThe arrayLimit\u00a0option only checks limits for indexed notation (a[0]=1\u0026a[1]=2) but completely bypasses it for bracket notation (a[]=1\u0026a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === \u0027[]\u0027 \u0026\u0026 options.parseArrays) {\n obj = utils.combine([], leaf); // No arrayLimit check\n}\n\n\n\n\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index \u003c= options.arrayLimit) { // Limit checked here\n obj = [];\n obj[index] = leaf;\n}\n\n\n\n\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index \u003c= options.arrayLimit\u00a0before creating arrays.\n\nPoCTest 1 - Basic bypass:\n\nnpm install qs\n\n\n\n\n\nconst qs = require(\u0027qs\u0027);\nconst result = qs.parse(\u0027a[]=1\u0026a[]=2\u0026a[]=3\u0026a[]=4\u0026a[]=5\u0026a[]=6\u0027, { arrayLimit: 5 });\nconsole.log(result.a.length); // Output: 6 (should be max 5)\n\n\n\n\n\nTest 2 - DoS demonstration:\n\nconst qs = require(\u0027qs\u0027);\nconst attack = \u0027a[]=\u0027 + Array(10000).fill(\u0027x\u0027).join(\u0027\u0026a[]=\u0027);\nconst result = qs.parse(attack, { arrayLimit: 100 });\nconsole.log(result.a.length); // Output: 10000 (should be max 100)\n\n\n\n\n\nConfiguration:\n\n * arrayLimit: 5\u00a0(test 1) or arrayLimit: 100\u00a0(test 2)\n * Use bracket notation: a[]=value\u00a0(not indexed a[0]=value)\n\n\nImpactDenial of Service via memory exhaustion. Affects applications using qs.parse()\u00a0with user-controlled input and arrayLimit\u00a0for protection.\n\nAttack scenario:\n\n * Attacker sends HTTP request: GET /api/search?filters[]=x\u0026filters[]=x\u0026...\u0026filters[]=x\u00a0(100,000+ times)\n * Application parses with qs.parse(query, { arrayLimit: 100 })\n * qs ignores limit, parses all 100,000 elements into array\n * Server memory exhausted \u2192 application crashes or becomes unresponsive\n * Service unavailable for all users\nReal-world impact:\n\n * Single malicious request can crash server\n * No authentication required\n * Easy to automate and scale\n * Affects any endpoint parsing query strings with bracket notation",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-15284"
},
{
"cve": "CVE-2025-58751",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the public directory were served bypassing the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or `server.host` config option), use the public directory feature (enabled by default), and have a symlink in the public directory are affected. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-58751"
},
{
"cve": "CVE-2025-58752",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or server.host config option) and use `appType: \u0027spa\u0027` (default) or `appType: \u0027mpa\u0027` are affected. This vulnerability also affects the preview server. The preview server allowed HTML files not under the output directory to be served. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-58752"
},
{
"cve": "CVE-2025-58754",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested `responseType: \u0027stream\u0027`. Versions 0.30.2 and 1.12.0 contain a patch for the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-58754"
},
{
"cve": "CVE-2025-62522",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended with \\ when the dev server is running on Windows. Only apps explicitly exposing the Vite dev server to the network and running the dev server on Windows were affected. This issue has been patched in versions 5.4.21, 6.4.1, 7.0.8, and 7.1.11.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-62522"
},
{
"cve": "CVE-2025-64718",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "summary",
"text": "js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it\u0027s possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-64718"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-64756"
},
{
"cve": "CVE-2025-66030",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66030"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "summary",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66031"
},
{
"cve": "CVE-2025-66035",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "summary",
"text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular\u0027s HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66035"
},
{
"cve": "CVE-2025-66412",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66412"
},
{
"cve": "CVE-2025-69277",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"notes": [
{
"category": "summary",
"text": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren\u0027t in the main cryptographic group.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-69277"
},
{
"cve": "CVE-2026-22610",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular\u2019s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG \u003cscript\u003e elements as a Resource URL context. This issue has been patched in versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2026-22610"
}
]
}
WID-SEC-W-2024-1031
Vulnerability from csaf_certbund - Published: 2024-05-05 22:00 - Updated: 2025-10-05 22:00Summary
Bouncy Castle: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bouncy Castle ist eine Kryptographie-API für Java.
Angriff: Ein anonymer Angreifer kann mehrere Schwachstellen in Bouncy Castle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen DNS-Poisoning-Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Storage Scale 5.1.0.0-5.1.9.4
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.4
|
5.1.0.0-5.1.9.4 | |
|
NetApp ActiveIQ Unified Manager for VMware vSphere
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere
|
for VMware vSphere | |
|
SAS Institute Base SAS <9.4M9 (TS1M9)
SAS Institute / Base SAS
|
<9.4M9 (TS1M9) | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP9
IBM / QRadar SIEM
|
<7.5.0 UP9 | ||
|
Atlassian Bitbucket
Atlassian / Bitbucket
|
cpe:/a:atlassian:bitbucket:-
|
— | |
|
NetApp ActiveIQ Unified Manager for Microsoft Windows
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows
|
for Microsoft Windows | |
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
RealObjects PDFreactor <11.6.12
RealObjects / PDFreactor
|
<11.6.12 | ||
|
Open Source Bouncy Castle <1.78.1
Open Source / Bouncy Castle
|
<1.78.1 | ||
|
Atlassian Confluence <7.19.26
Atlassian / Confluence
|
<7.19.26 | ||
|
IBM SPSS Collaboration and Deployment Services 8.5
IBM / SPSS
|
cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5
|
Collaboration and Deployment Services 8.5 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Atlassian Confluence <9.0.1
Atlassian / Confluence
|
<9.0.1 | ||
|
NetApp ActiveIQ Unified Manager for Linux
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
for Linux | |
|
IBM Security Guardium
IBM
|
cpe:/a:ibm:security_guardium:-
|
— | |
|
Atlassian Confluence <8.9.4
Atlassian / Confluence
|
<8.9.4 | ||
|
Atlassian Confluence <8.5.12
Atlassian / Confluence
|
<8.5.12 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM Storage Scale <5.2.1.0
IBM / Storage Scale
|
<5.2.1.0 | ||
|
IBM Storage Scale <5.1.9.5
IBM / Storage Scale
|
<5.1.9.5 | ||
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Atlassian Bitbucket <8.9.26
Atlassian / Bitbucket
|
<8.9.26 | ||
|
Atlassian Bitbucket <8.19.16
Atlassian / Bitbucket
|
<8.19.16 | ||
|
Atlassian Bitbucket <9.4.4
Atlassian / Bitbucket
|
<9.4.4 | ||
|
Atlassian Bitbucket <9.5.2
Atlassian / Bitbucket
|
<9.5.2 |
Affected products
Known affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Storage Scale 5.1.0.0-5.1.9.4
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.4
|
5.1.0.0-5.1.9.4 | |
|
NetApp ActiveIQ Unified Manager for VMware vSphere
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere
|
for VMware vSphere | |
|
SAS Institute Base SAS <9.4M9 (TS1M9)
SAS Institute / Base SAS
|
<9.4M9 (TS1M9) | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP9
IBM / QRadar SIEM
|
<7.5.0 UP9 | ||
|
Atlassian Bitbucket
Atlassian / Bitbucket
|
cpe:/a:atlassian:bitbucket:-
|
— | |
|
NetApp ActiveIQ Unified Manager for Microsoft Windows
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows
|
for Microsoft Windows | |
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
RealObjects PDFreactor <11.6.12
RealObjects / PDFreactor
|
<11.6.12 | ||
|
Open Source Bouncy Castle <1.78.1
Open Source / Bouncy Castle
|
<1.78.1 | ||
|
Atlassian Confluence <7.19.26
Atlassian / Confluence
|
<7.19.26 | ||
|
IBM SPSS Collaboration and Deployment Services 8.5
IBM / SPSS
|
cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5
|
Collaboration and Deployment Services 8.5 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Atlassian Confluence <9.0.1
Atlassian / Confluence
|
<9.0.1 | ||
|
NetApp ActiveIQ Unified Manager for Linux
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
for Linux | |
|
IBM Security Guardium
IBM
|
cpe:/a:ibm:security_guardium:-
|
— | |
|
Atlassian Confluence <8.9.4
Atlassian / Confluence
|
<8.9.4 | ||
|
Atlassian Confluence <8.5.12
Atlassian / Confluence
|
<8.5.12 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM Storage Scale <5.2.1.0
IBM / Storage Scale
|
<5.2.1.0 | ||
|
IBM Storage Scale <5.1.9.5
IBM / Storage Scale
|
<5.1.9.5 | ||
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Atlassian Bitbucket <8.9.26
Atlassian / Bitbucket
|
<8.9.26 | ||
|
Atlassian Bitbucket <8.19.16
Atlassian / Bitbucket
|
<8.19.16 | ||
|
Atlassian Bitbucket <9.4.4
Atlassian / Bitbucket
|
<9.4.4 | ||
|
Atlassian Bitbucket <9.5.2
Atlassian / Bitbucket
|
<9.5.2 |
Affected products
Known affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Storage Scale 5.1.0.0-5.1.9.4
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.4
|
5.1.0.0-5.1.9.4 | |
|
NetApp ActiveIQ Unified Manager for VMware vSphere
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere
|
for VMware vSphere | |
|
SAS Institute Base SAS <9.4M9 (TS1M9)
SAS Institute / Base SAS
|
<9.4M9 (TS1M9) | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP9
IBM / QRadar SIEM
|
<7.5.0 UP9 | ||
|
Atlassian Bitbucket
Atlassian / Bitbucket
|
cpe:/a:atlassian:bitbucket:-
|
— | |
|
NetApp ActiveIQ Unified Manager for Microsoft Windows
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows
|
for Microsoft Windows | |
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
RealObjects PDFreactor <11.6.12
RealObjects / PDFreactor
|
<11.6.12 | ||
|
Open Source Bouncy Castle <1.78.1
Open Source / Bouncy Castle
|
<1.78.1 | ||
|
Atlassian Confluence <7.19.26
Atlassian / Confluence
|
<7.19.26 | ||
|
IBM SPSS Collaboration and Deployment Services 8.5
IBM / SPSS
|
cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5
|
Collaboration and Deployment Services 8.5 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Atlassian Confluence <9.0.1
Atlassian / Confluence
|
<9.0.1 | ||
|
NetApp ActiveIQ Unified Manager for Linux
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
for Linux | |
|
IBM Security Guardium
IBM
|
cpe:/a:ibm:security_guardium:-
|
— | |
|
Atlassian Confluence <8.9.4
Atlassian / Confluence
|
<8.9.4 | ||
|
Atlassian Confluence <8.5.12
Atlassian / Confluence
|
<8.5.12 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM Storage Scale <5.2.1.0
IBM / Storage Scale
|
<5.2.1.0 | ||
|
IBM Storage Scale <5.1.9.5
IBM / Storage Scale
|
<5.1.9.5 | ||
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Atlassian Bitbucket <8.9.26
Atlassian / Bitbucket
|
<8.9.26 | ||
|
Atlassian Bitbucket <8.19.16
Atlassian / Bitbucket
|
<8.19.16 | ||
|
Atlassian Bitbucket <9.4.4
Atlassian / Bitbucket
|
<9.4.4 | ||
|
Atlassian Bitbucket <9.5.2
Atlassian / Bitbucket
|
<9.5.2 |
Affected products
Known affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Storage Scale 5.1.0.0-5.1.9.4
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.4
|
5.1.0.0-5.1.9.4 | |
|
NetApp ActiveIQ Unified Manager for VMware vSphere
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere
|
for VMware vSphere | |
|
SAS Institute Base SAS <9.4M9 (TS1M9)
SAS Institute / Base SAS
|
<9.4M9 (TS1M9) | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP9
IBM / QRadar SIEM
|
<7.5.0 UP9 | ||
|
Atlassian Bitbucket
Atlassian / Bitbucket
|
cpe:/a:atlassian:bitbucket:-
|
— | |
|
NetApp ActiveIQ Unified Manager for Microsoft Windows
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows
|
for Microsoft Windows | |
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
RealObjects PDFreactor <11.6.12
RealObjects / PDFreactor
|
<11.6.12 | ||
|
Open Source Bouncy Castle <1.78.1
Open Source / Bouncy Castle
|
<1.78.1 | ||
|
Atlassian Confluence <7.19.26
Atlassian / Confluence
|
<7.19.26 | ||
|
IBM SPSS Collaboration and Deployment Services 8.5
IBM / SPSS
|
cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5
|
Collaboration and Deployment Services 8.5 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Atlassian Confluence <9.0.1
Atlassian / Confluence
|
<9.0.1 | ||
|
NetApp ActiveIQ Unified Manager for Linux
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
for Linux | |
|
IBM Security Guardium
IBM
|
cpe:/a:ibm:security_guardium:-
|
— | |
|
Atlassian Confluence <8.9.4
Atlassian / Confluence
|
<8.9.4 | ||
|
Atlassian Confluence <8.5.12
Atlassian / Confluence
|
<8.5.12 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM Storage Scale <5.2.1.0
IBM / Storage Scale
|
<5.2.1.0 | ||
|
IBM Storage Scale <5.1.9.5
IBM / Storage Scale
|
<5.1.9.5 | ||
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Atlassian Bitbucket <8.9.26
Atlassian / Bitbucket
|
<8.9.26 | ||
|
Atlassian Bitbucket <8.19.16
Atlassian / Bitbucket
|
<8.19.16 | ||
|
Atlassian Bitbucket <9.4.4
Atlassian / Bitbucket
|
<9.4.4 | ||
|
Atlassian Bitbucket <9.5.2
Atlassian / Bitbucket
|
<9.5.2 |
References
37 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bouncy Castle ist eine Kryptographie-API f\u00fcr Java.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein anonymer Angreifer kann mehrere Schwachstellen in Bouncy Castle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen DNS-Poisoning-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1031 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1031.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1031 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1031"
},
{
"category": "external",
"summary": "Bouncy Castle Release Notes vom 2024-05-05",
"url": "https://www.bouncycastle.org/latest_releases.html#LATEST"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-05-05",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279227"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-05-05",
"url": "https://github.com/advisories/GHSA-4h8f-2wvx-gg5w"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1539-1 vom 2024-05-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QZZU3EK7MCVS5TGBQL47TPFRCL6XR25J/"
},
{
"category": "external",
"summary": "PDFreactor 11 Hotfix Release vom 2024-06-13",
"url": "https://www.pdfreactor.com/pdfreactor-11-hotfix-release-11-6-12-now-available/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1539-2 vom 2024-06-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NCEDYUZRBIYFFW6ATWOW33BSWPBY2U52/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7158960 vom 2024-06-27",
"url": "https://www.ibm.com/support/pages/node/7158960"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4271 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4271"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4173 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4173"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7159714 vom 2024-07-05",
"url": "https://www.ibm.com/support/pages/node/7159714"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4505 vom 2024-07-11",
"url": "https://access.redhat.com/errata/RHSA-2024:4505"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7160134 vom 2024-07-12",
"url": "https://www.ibm.com/support/pages/node/7160134"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4326 vom 2024-07-14",
"url": "https://access.redhat.com/errata/RHSA-2024:4326"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4884 vom 2024-07-26",
"url": "https://access.redhat.com/errata/RHSA-2024:4884"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5143 vom 2024-08-09",
"url": "https://access.redhat.com/errata/RHSA-2024:5143"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5144 vom 2024-08-09",
"url": "https://access.redhat.com/errata/RHSA-2024:5144"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5147 vom 2024-08-09",
"url": "https://access.redhat.com/errata/RHSA-2024:5147"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5145 vom 2024-08-09",
"url": "https://access.redhat.com/errata/RHSA-2024:5145"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7165340 vom 2024-08-13",
"url": "https://www.ibm.com/support/pages/node/7165340"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5482 vom 2024-08-16",
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5481 vom 2024-08-16",
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5479 vom 2024-08-16",
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7166617 vom 2024-08-26",
"url": "https://www.ibm.com/support/pages/node/7166617"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7167111 vom 2024-09-03",
"url": "https://www.ibm.com/support/pages/node/7167111"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168235 vom 2024-09-12",
"url": "https://www.ibm.com/support/pages/node/7168235"
},
{
"category": "external",
"summary": "Confluence Data Center Advisory",
"url": "https://jira.atlassian.com/browse/CONFSERVER-97723"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168754 vom 2024-09-17",
"url": "https://www.ibm.com/support/pages/node/7168754"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20241206-0008 vom 2024-12-06",
"url": "https://security.netapp.com/advisory/ntap-20241206-0008/"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2024-152 vom 2024-12-17",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-152/index.html"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin",
"url": "https://confluence.atlassian.com/security/security-bulletin-march-18-2025-1527943363.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229444 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7229444"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20240614-0007 vom 2025-07-02",
"url": "https://security.netapp.com/advisory/NTAP-20240614-0007"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20240614-0008 vom 2025-08-20",
"url": "https://security.netapp.com/advisory/NTAP-20240614-0008"
},
{
"category": "external",
"summary": "SAS Security Update vom 2025-10-02",
"url": "https://support.sas.com/en/security-bulletins/sas-security-update-for-sas-94m9-ts1m9.html"
}
],
"source_lang": "en-US",
"title": "Bouncy Castle: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-05T22:00:00.000+00:00",
"generator": {
"date": "2025-10-06T09:13:30.826+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-1031",
"initial_release_date": "2024-05-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-05-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-05-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-12T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-06-18T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-26T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat und IBM aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-25T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-08T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-15T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-25T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-03T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-17T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2025-03-18T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-07-01T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "25"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Atlassian Bitbucket",
"product": {
"name": "Atlassian Bitbucket",
"product_id": "T021356",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.5.2",
"product": {
"name": "Atlassian Bitbucket \u003c9.5.2",
"product_id": "T041970"
}
},
{
"category": "product_version",
"name": "9.5.2",
"product": {
"name": "Atlassian Bitbucket 9.5.2",
"product_id": "T041970-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.5.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.4",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.4",
"product_id": "T041971"
}
},
{
"category": "product_version",
"name": "9.4.4",
"product": {
"name": "Atlassian Bitbucket 9.4.4",
"product_id": "T041971-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.16",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.16",
"product_id": "T041972"
}
},
{
"category": "product_version",
"name": "8.19.16",
"product": {
"name": "Atlassian Bitbucket 8.19.16",
"product_id": "T041972-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.9.26",
"product": {
"name": "Atlassian Bitbucket \u003c8.9.26",
"product_id": "T041973"
}
},
{
"category": "product_version",
"name": "8.9.26",
"product": {
"name": "Atlassian Bitbucket 8.9.26",
"product_id": "T041973-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.9.26"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.9.4",
"product": {
"name": "Atlassian Confluence \u003c8.9.4",
"product_id": "T036294"
}
},
{
"category": "product_version",
"name": "8.9.4",
"product": {
"name": "Atlassian Confluence 8.9.4",
"product_id": "T036294-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__8.9.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.12",
"product": {
"name": "Atlassian Confluence \u003c8.5.12",
"product_id": "T036295"
}
},
{
"category": "product_version",
"name": "8.5.12",
"product": {
"name": "Atlassian Confluence 8.5.12",
"product_id": "T036295-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center_and_server__8.5.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.1",
"product": {
"name": "Atlassian Confluence \u003c9.0.1",
"product_id": "T036970"
}
},
{
"category": "product_version",
"name": "9.0.1",
"product": {
"name": "Atlassian Confluence 9.0.1",
"product_id": "T036970-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.19.26",
"product": {
"name": "Atlassian Confluence \u003c7.19.26",
"product_id": "T036972"
}
},
{
"category": "product_version",
"name": "7.19.26",
"product": {
"name": "Atlassian Confluence 7.19.26",
"product_id": "T036972-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:7.19.26"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9.2",
"product": {
"name": "IBM License Metric Tool 9.2",
"product_id": "T031605",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP9",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP9",
"product_id": "T036127"
}
},
{
"category": "product_version",
"name": "7.5.0 UP9",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP9",
"product_id": "T036127-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up9"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "Collaboration and Deployment Services 8.5",
"product": {
"name": "IBM SPSS Collaboration and Deployment Services 8.5",
"product_id": "T038750",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5"
}
}
}
],
"category": "product_name",
"name": "SPSS"
},
{
"category": "product_name",
"name": "IBM Security Guardium",
"product": {
"name": "IBM Security Guardium",
"product_id": "T021345",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.2.1.0",
"product": {
"name": "IBM Storage Scale \u003c5.2.1.0",
"product_id": "T037080"
}
},
{
"category": "product_version",
"name": "5.2.1.0",
"product": {
"name": "IBM Storage Scale 5.2.1.0",
"product_id": "T037080-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:5.2.1.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.1.9.5",
"product": {
"name": "IBM Storage Scale \u003c5.1.9.5",
"product_id": "T037081"
}
},
{
"category": "product_version",
"name": "5.1.9.5",
"product": {
"name": "IBM Storage Scale 5.1.9.5",
"product_id": "T037081-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:5.1.9.5"
}
}
},
{
"category": "product_version",
"name": "5.1.0.0-5.1.9.4",
"product": {
"name": "IBM Storage Scale 5.1.0.0-5.1.9.4",
"product_id": "T037717",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.4"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
},
{
"category": "product_name",
"name": "IBM Tivoli Key Lifecycle Manager",
"product": {
"name": "IBM Tivoli Key Lifecycle Manager",
"product_id": "T026238",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_key_lifecycle_manager:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "for Linux",
"product": {
"name": "NetApp ActiveIQ Unified Manager for Linux",
"product_id": "T023548",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
}
}
},
{
"category": "product_version",
"name": "for VMware vSphere",
"product": {
"name": "NetApp ActiveIQ Unified Manager for VMware vSphere",
"product_id": "T025152",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere"
}
}
},
{
"category": "product_version",
"name": "for Microsoft Windows",
"product": {
"name": "NetApp ActiveIQ Unified Manager for Microsoft Windows",
"product_id": "T025631",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows"
}
}
},
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T032260",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "product_name",
"name": "ActiveIQ Unified Manager"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.78.1",
"product": {
"name": "Open Source Bouncy Castle \u003c1.78.1",
"product_id": "T034537"
}
},
{
"category": "product_version",
"name": "1.78.1",
"product": {
"name": "Open Source Bouncy Castle 1.78.1",
"product_id": "T034537-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.78.1"
}
}
}
],
"category": "product_name",
"name": "Bouncy Castle"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.6.12",
"product": {
"name": "RealObjects PDFreactor \u003c11.6.12",
"product_id": "T035425"
}
},
{
"category": "product_version",
"name": "11.6.12",
"product": {
"name": "RealObjects PDFreactor 11.6.12",
"product_id": "T035425-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:realobjects:pdfreactor:11.6.12"
}
}
}
],
"category": "product_name",
"name": "PDFreactor"
}
],
"category": "vendor",
"name": "RealObjects"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4M9 (TS1M9)",
"product": {
"name": "SAS Institute Base SAS \u003c9.4M9 (TS1M9)",
"product_id": "T047382"
}
},
{
"category": "product_version",
"name": "9.4M9 (TS1M9)",
"product": {
"name": "SAS Institute Base SAS 9.4M9 (TS1M9)",
"product_id": "T047382-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sas:base_sas:9.4m9_%28ts1m9%29"
}
}
}
],
"category": "product_name",
"name": "Base SAS"
}
],
"category": "vendor",
"name": "SAS Institute"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29857",
"product_status": {
"known_affected": [
"T037717",
"T025152",
"T047382",
"67646",
"T032260",
"T036127",
"T021356",
"T025631",
"T031605",
"T021398",
"T035425",
"T034537",
"T036972",
"T038750",
"T017562",
"T036970",
"T023548",
"T021345",
"T036294",
"T036295",
"T002207",
"T037080",
"T037081",
"5104",
"T026238",
"T041973",
"T041972",
"T041971",
"T041970"
]
},
"release_date": "2024-05-05T22:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30171",
"product_status": {
"known_affected": [
"T037717",
"T025152",
"T047382",
"67646",
"T032260",
"T036127",
"T021356",
"T025631",
"T031605",
"T021398",
"T035425",
"T034537",
"T036972",
"T038750",
"T017562",
"T036970",
"T023548",
"T021345",
"T036294",
"T036295",
"T002207",
"T037080",
"T037081",
"5104",
"T026238",
"T041973",
"T041972",
"T041971",
"T041970"
]
},
"release_date": "2024-05-05T22:00:00.000+00:00",
"title": "CVE-2024-30171"
},
{
"cve": "CVE-2024-30172",
"product_status": {
"known_affected": [
"T037717",
"T025152",
"T047382",
"67646",
"T032260",
"T036127",
"T021356",
"T025631",
"T031605",
"T021398",
"T035425",
"T034537",
"T036972",
"T038750",
"T017562",
"T036970",
"T023548",
"T021345",
"T036294",
"T036295",
"T002207",
"T037080",
"T037081",
"5104",
"T026238",
"T041973",
"T041972",
"T041971",
"T041970"
]
},
"release_date": "2024-05-05T22:00:00.000+00:00",
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-34447",
"product_status": {
"known_affected": [
"T037717",
"T025152",
"T047382",
"67646",
"T032260",
"T036127",
"T021356",
"T025631",
"T031605",
"T021398",
"T035425",
"T034537",
"T036972",
"T038750",
"T017562",
"T036970",
"T023548",
"T021345",
"T036294",
"T036295",
"T002207",
"T037080",
"T037081",
"5104",
"T026238",
"T041973",
"T041972",
"T041971",
"T041970"
]
},
"release_date": "2024-05-05T22:00:00.000+00:00",
"title": "CVE-2024-34447"
}
]
}
WID-SEC-W-2024-1637
Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2025-03-05 23:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM FileNet Content Manager 5.5.8
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.8
|
5.5.8 | |
|
IBM FileNet Content Manager 5.6.0
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.6.0
|
5.6.0 | |
|
IBM FileNet Content Manager 5.5.12
IBM / FileNet Content Manager
|
cpe:/a:ibm:filenet_content_manager:5.5.12
|
5.5.12 | |
|
Oracle Fusion Middleware 12.2.1.19.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.19.0
|
12.2.1.19.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1637 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1637.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1637 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1637"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Fusion Middleware vom 2024-07-16",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixFMW"
},
{
"category": "external",
"summary": "PoC CVE-2024-21182 vom 2024-12-30",
"url": "https://github.com/k4it0k1d/CVE-2024-21182"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7184867 vom 2025-03-05",
"url": "https://www.ibm.com/support/pages/node/7184867"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-05T23:00:00.000+00:00",
"generator": {
"date": "2025-03-06T09:18:07.394+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-1637",
"initial_release_date": "2024-07-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-12-30T23:00:00.000+00:00",
"number": "2",
"summary": "PoC f\u00fcr CVE-2024-21182 erg\u00e4nzt"
},
{
"date": "2025-03-05T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "5.5.8",
"product": {
"name": "IBM FileNet Content Manager 5.5.8",
"product_id": "1487483",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.5.8"
}
}
},
{
"category": "product_version",
"name": "5.5.12",
"product": {
"name": "IBM FileNet Content Manager 5.5.12",
"product_id": "T039291",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.5.12"
}
}
},
{
"category": "product_version",
"name": "5.6.0",
"product": {
"name": "IBM FileNet Content Manager 5.6.0",
"product_id": "T039292",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.6.0"
}
}
}
],
"category": "product_name",
"name": "FileNet Content Manager"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
},
{
"category": "product_version",
"name": "12.2.1.19.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.19.0",
"product_id": "T036225",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.19.0"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-13956",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2020-1945",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2020-1945"
},
{
"cve": "CVE-2021-29425",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-37533",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2022-40152",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-45378",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2022-45378"
},
{
"cve": "CVE-2023-24998",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-29081",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-29081"
},
{
"cve": "CVE-2023-2976",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-34034",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-34034"
},
{
"cve": "CVE-2023-36478",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-36478"
},
{
"cve": "CVE-2023-45853",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-45853"
},
{
"cve": "CVE-2023-46750",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-46750"
},
{
"cve": "CVE-2023-4759",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-4759"
},
{
"cve": "CVE-2023-48795",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-5072",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52425",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-6129",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2024-0853",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-0853"
},
{
"cve": "CVE-2024-21133",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-21133"
},
{
"cve": "CVE-2024-21175",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-21175"
},
{
"cve": "CVE-2024-21181",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-21181"
},
{
"cve": "CVE-2024-21182",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-21182"
},
{
"cve": "CVE-2024-21183",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-21183"
},
{
"cve": "CVE-2024-22201",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-22243",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-22243"
},
{
"cve": "CVE-2024-22259",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-22259"
},
{
"cve": "CVE-2024-22262",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-25062",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-26308",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-29025",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29857",
"product_status": {
"known_affected": [
"1487483",
"T039292",
"T039291",
"T036225",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-29857"
}
]
}
WID-SEC-W-2024-1650
Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-07-16 22:00Summary
Oracle Utilities Applications: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen Lösungen für Ver- und Entsorger.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Windows
In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 24.1.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Utilities Applications 24.2.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.2.0.0.0
|
24.2.0.0.0 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications <=4.5.0.1.3
Oracle / Utilities Applications
|
<=4.5.0.1.3 |
In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 24.1.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Utilities Applications 24.2.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.2.0.0.0
|
24.2.0.0.0 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications <=4.5.0.1.3
Oracle / Utilities Applications
|
<=4.5.0.1.3 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen L\u00f6sungen f\u00fcr Ver- und Entsorger.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1650 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1650.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1650 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1650"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Utilities Applications vom 2024-07-16",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixUTIL"
}
],
"source_lang": "en-US",
"title": "Oracle Utilities Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:29.436+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1650",
"initial_release_date": "2024-07-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "4.4.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.0.0",
"product_id": "T036262",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.2.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.2.0",
"product_id": "T036263",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.2.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.3.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.3.0",
"product_id": "T036264",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.3.0"
}
}
},
{
"category": "product_version",
"name": "4.5.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.5.0.0.0",
"product_id": "T036265",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=4.5.0.1.3",
"product": {
"name": "Oracle Utilities Applications \u003c=4.5.0.1.3",
"product_id": "T036266"
}
},
{
"category": "product_version",
"name": "24.1.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.1.0.0.0",
"product_id": "T036267",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "24.2.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.2.0.0.0",
"product_id": "T036268",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.2.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.3.0.6.0",
"product": {
"name": "Oracle Utilities Applications 4.3.0.6.0",
"product_id": "T036269",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.3.0.6.0"
}
}
}
],
"category": "product_name",
"name": "Utilities Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-29857"
}
]
}
WID-SEC-W-2024-1885
Vulnerability from csaf_certbund - Published: 2024-08-20 22:00 - Updated: 2024-08-20 22:00Summary
Atlassian Bamboo: Mehrere Schwachstellen ermöglichen Codeausführung und DoS
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Angriff: Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Atlassian Bamboo ausnutzen, um beliebigen Programmcode auszuführen und um einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Es besteht eine nicht näher beschriebene Schwachstelle in Atlassian Bamboo. Ein entfernter, authentisierter Angreifer mit erhöhten Rechten kann dies ausnutzen, um beliebigen Code auszuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Bamboo <9.6.5
Atlassian / Bamboo
|
<9.6.5 | ||
|
Atlassian Bamboo <9.2.17
Atlassian / Bamboo
|
<9.2.17 |
Es besteht eine Schwachstelle in Atlassian Bamboo. Diese Fehler betrifft die org.bouncycastle:bcprov-jdk18on-Dependency und führt zu einem übermäßigen CPU-Verbrauch auf dem System. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Bamboo <9.6.5
Atlassian / Bamboo
|
<9.6.5 | ||
|
Atlassian Bamboo <9.2.17
Atlassian / Bamboo
|
<9.2.17 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Atlassian Bamboo ausnutzen, um beliebigen Programmcode auszuf\u00fchren und um einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1885 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1885.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1885 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1885"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - August 20 2024 vom 2024-08-20",
"url": "https://confluence.atlassian.com/security/security-bulletin-august-20-2024-1431535667.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung und DoS",
"tracking": {
"current_release_date": "2024-08-20T22:00:00.000+00:00",
"generator": {
"date": "2024-08-21T10:39:55.298+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-1885",
"initial_release_date": "2024-08-20T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-20T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.6.5",
"product": {
"name": "Atlassian Bamboo \u003c9.6.5",
"product_id": "T036975"
}
},
{
"category": "product_version",
"name": "9.6.5",
"product": {
"name": "Atlassian Bamboo 9.6.5",
"product_id": "T036975-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.17",
"product": {
"name": "Atlassian Bamboo \u003c9.2.17",
"product_id": "T036976"
}
},
{
"category": "product_version",
"name": "9.2.17",
"product": {
"name": "Atlassian Bamboo 9.2.17",
"product_id": "T036976-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.2.17"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21689",
"notes": [
{
"category": "description",
"text": "Es besteht eine nicht n\u00e4her beschriebene Schwachstelle in Atlassian Bamboo. Ein entfernter, authentisierter Angreifer mit erh\u00f6hten Rechten kann dies ausnutzen, um beliebigen Code auszuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T036975",
"T036976"
]
},
"release_date": "2024-08-20T22:00:00.000+00:00",
"title": "CVE-2024-21689"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Bamboo. Diese Fehler betrifft die org.bouncycastle:bcprov-jdk18on-Dependency und f\u00fchrt zu einem \u00fcberm\u00e4\u00dfigen CPU-Verbrauch auf dem System. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T036975",
"T036976"
]
},
"release_date": "2024-08-20T22:00:00.000+00:00",
"title": "CVE-2024-29857"
}
]
}
WID-SEC-W-2024-1912
Vulnerability from csaf_certbund - Published: 2024-08-22 22:00 - Updated: 2024-08-22 22:00Summary
SOS GmbH JobScheduler: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der JobScheduler ist eine Open-Source-Lösung für die Prozessautomatisierung auf Unternehmensebene.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SOS GmbH JobScheduler ausnutzen, um Daten zu verändern, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler in JS7 JOC Cockpit entstehen durch die Verwendung einer veralteten Version der Elliptic Library (6.5.5), die bekannte Schwachstellen enthält, die kryptographische Signaturen betreffen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um kryptografische Signaturen zu beschädigen, was zu unautorisiertem Zugriff und Datenmanipulation führen kann.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SOS GmbH JobScheduler <2.7.2
SOS GmbH / JobScheduler
|
<2.7.2 | ||
|
SOS GmbH JobScheduler <2.5.10
SOS GmbH / JobScheduler
|
<2.5.10 | ||
|
SOS GmbH JobScheduler <2.6.7
SOS GmbH / JobScheduler
|
<2.6.7 |
Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler in JS7 JOC Cockpit entstehen durch die Verwendung einer veralteten Version der Elliptic Library (6.5.5), die bekannte Schwachstellen enthält, die kryptographische Signaturen betreffen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um kryptografische Signaturen zu beschädigen, was zu unautorisiertem Zugriff und Datenmanipulation führen kann.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SOS GmbH JobScheduler <2.7.2
SOS GmbH / JobScheduler
|
<2.7.2 | ||
|
SOS GmbH JobScheduler <2.5.10
SOS GmbH / JobScheduler
|
<2.5.10 | ||
|
SOS GmbH JobScheduler <2.6.7
SOS GmbH / JobScheduler
|
<2.6.7 |
Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler in JS7 JOC Cockpit entstehen durch die Verwendung einer veralteten Version der Elliptic Library (6.5.5), die bekannte Schwachstellen enthält, die kryptographische Signaturen betreffen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um kryptografische Signaturen zu beschädigen, was zu unautorisiertem Zugriff und Datenmanipulation führen kann.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SOS GmbH JobScheduler <2.7.2
SOS GmbH / JobScheduler
|
<2.7.2 | ||
|
SOS GmbH JobScheduler <2.5.10
SOS GmbH / JobScheduler
|
<2.5.10 | ||
|
SOS GmbH JobScheduler <2.6.7
SOS GmbH / JobScheduler
|
<2.6.7 |
Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler werden durch den unsachgemäßen Umgang mit manipulierten F2m-Parametern und der Ed25519-Signaturprüfung in den Bouncy Castle-Bibliotheken verursacht, was zu einer Endlosschleife oder zu einer übermäßigen CPU-Auslastung führen kann. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SOS GmbH JobScheduler <2.5.10
SOS GmbH / JobScheduler
|
<2.5.10 | ||
|
SOS GmbH JobScheduler <2.6.7
SOS GmbH / JobScheduler
|
<2.6.7 |
Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler werden durch den unsachgemäßen Umgang mit manipulierten F2m-Parametern und der Ed25519-Signaturprüfung in den Bouncy Castle-Bibliotheken verursacht, was zu einer Endlosschleife oder zu einer übermäßigen CPU-Auslastung führen kann. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SOS GmbH JobScheduler <2.5.10
SOS GmbH / JobScheduler
|
<2.5.10 | ||
|
SOS GmbH JobScheduler <2.6.7
SOS GmbH / JobScheduler
|
<2.6.7 |
Es besteht eine Schwachstelle im JobScheduler der SOS GmbH. Diese Fehler betrifft die Java TLS API und den JSSE Provider der Drittanbieterkomponente Bouncy Castle aufgrund eines zeitbasierten Seitenkanallecks während RSA-basierter Handshakes. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SOS GmbH JobScheduler <2.5.10
SOS GmbH / JobScheduler
|
<2.5.10 | ||
|
SOS GmbH JobScheduler <2.6.7
SOS GmbH / JobScheduler
|
<2.6.7 |
References
7 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der JobScheduler ist eine Open-Source-L\u00f6sung f\u00fcr die Prozessautomatisierung auf Unternehmensebene.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SOS GmbH JobScheduler ausnutzen, um Daten zu ver\u00e4ndern, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1912 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1912.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1912 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1912"
},
{
"category": "external",
"summary": "JobScheduler Vulnerability Remediation Release 2.7.2 vom 2024-08-22",
"url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Remediation+Release+2.7.2"
},
{
"category": "external",
"summary": "JobScheduler Vulnerability Remediation Release 2.6.7 vom 2024-08-22",
"url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Remediation+Release+2.6.7"
},
{
"category": "external",
"summary": "JobScheduler Vulnerability Remediation Release 2.5.10 vom 2024-08-22",
"url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Remediation+Release+2.5.10"
},
{
"category": "external",
"summary": "JobScheduler Issue JS-2130 vom 2024-08-22",
"url": "https://change.sos-berlin.com/browse/JS-2130"
},
{
"category": "external",
"summary": "JobScheduler Issue JOC-1889 vom 2024-08-22",
"url": "https://change.sos-berlin.com/browse/JOC-1889"
}
],
"source_lang": "en-US",
"title": "SOS GmbH JobScheduler: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-22T22:00:00.000+00:00",
"generator": {
"date": "2024-08-23T09:36:17.623+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-1912",
"initial_release_date": "2024-08-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.7.2",
"product": {
"name": "SOS GmbH JobScheduler \u003c2.7.2",
"product_id": "T037040"
}
},
{
"category": "product_version",
"name": "2.7.2",
"product": {
"name": "SOS GmbH JobScheduler 2.7.2",
"product_id": "T037040-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sos_gmbh:jobscheduler:2.7.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.5.10",
"product": {
"name": "SOS GmbH JobScheduler \u003c2.5.10",
"product_id": "T037041"
}
},
{
"category": "product_version",
"name": "2.5.10",
"product": {
"name": "SOS GmbH JobScheduler 2.5.10",
"product_id": "T037041-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sos_gmbh:jobscheduler:2.5.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.6.7",
"product": {
"name": "SOS GmbH JobScheduler \u003c2.6.7",
"product_id": "T037042"
}
},
{
"category": "product_version",
"name": "2.6.7",
"product": {
"name": "SOS GmbH JobScheduler 2.6.7",
"product_id": "T037042-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sos_gmbh:jobscheduler:2.6.7"
}
}
}
],
"category": "product_name",
"name": "JobScheduler"
}
],
"category": "vendor",
"name": "SOS GmbH"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-42459",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler in JS7 JOC Cockpit entstehen durch die Verwendung einer veralteten Version der Elliptic Library (6.5.5), die bekannte Schwachstellen enth\u00e4lt, die kryptographische Signaturen betreffen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um kryptografische Signaturen zu besch\u00e4digen, was zu unautorisiertem Zugriff und Datenmanipulation f\u00fchren kann."
}
],
"product_status": {
"known_affected": [
"T037040",
"T037041",
"T037042"
]
},
"release_date": "2024-08-22T22:00:00.000+00:00",
"title": "CVE-2024-42459"
},
{
"cve": "CVE-2024-42460",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler in JS7 JOC Cockpit entstehen durch die Verwendung einer veralteten Version der Elliptic Library (6.5.5), die bekannte Schwachstellen enth\u00e4lt, die kryptographische Signaturen betreffen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um kryptografische Signaturen zu besch\u00e4digen, was zu unautorisiertem Zugriff und Datenmanipulation f\u00fchren kann."
}
],
"product_status": {
"known_affected": [
"T037040",
"T037041",
"T037042"
]
},
"release_date": "2024-08-22T22:00:00.000+00:00",
"title": "CVE-2024-42460"
},
{
"cve": "CVE-2024-42461",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler in JS7 JOC Cockpit entstehen durch die Verwendung einer veralteten Version der Elliptic Library (6.5.5), die bekannte Schwachstellen enth\u00e4lt, die kryptographische Signaturen betreffen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um kryptografische Signaturen zu besch\u00e4digen, was zu unautorisiertem Zugriff und Datenmanipulation f\u00fchren kann."
}
],
"product_status": {
"known_affected": [
"T037040",
"T037041",
"T037042"
]
},
"release_date": "2024-08-22T22:00:00.000+00:00",
"title": "CVE-2024-42461"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler werden durch den unsachgem\u00e4\u00dfen Umgang mit manipulierten F2m-Parametern und der Ed25519-Signaturpr\u00fcfung in den Bouncy Castle-Bibliotheken verursacht, was zu einer Endlosschleife oder zu einer \u00fcberm\u00e4\u00dfigen CPU-Auslastung f\u00fchren kann. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037041",
"T037042"
]
},
"release_date": "2024-08-22T22:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30172",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im JobScheduler der SOS GmbH. Diese Fehler werden durch den unsachgem\u00e4\u00dfen Umgang mit manipulierten F2m-Parametern und der Ed25519-Signaturpr\u00fcfung in den Bouncy Castle-Bibliotheken verursacht, was zu einer Endlosschleife oder zu einer \u00fcberm\u00e4\u00dfigen CPU-Auslastung f\u00fchren kann. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037041",
"T037042"
]
},
"release_date": "2024-08-22T22:00:00.000+00:00",
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-30171",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im JobScheduler der SOS GmbH. Diese Fehler betrifft die Java TLS API und den JSSE Provider der Drittanbieterkomponente Bouncy Castle aufgrund eines zeitbasierten Seitenkanallecks w\u00e4hrend RSA-basierter Handshakes. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037041",
"T037042"
]
},
"release_date": "2024-08-22T22:00:00.000+00:00",
"title": "CVE-2024-30171"
}
]
}
WID-SEC-W-2024-3195
Vulnerability from csaf_certbund - Published: 2024-10-15 22:00 - Updated: 2024-10-15 22:00Summary
Oracle Communications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Sonstiges
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3195 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3195.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3195 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3195"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - October 2024 - Appendix Oracle Communications vom 2024-10-15",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixCGBU"
}
],
"source_lang": "en-US",
"title": "Oracle Communications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-10-15T22:00:00.000+00:00",
"generator": {
"date": "2024-10-16T10:12:35.400+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3195",
"initial_release_date": "2024-10-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.1.1.3.0",
"product": {
"name": "Oracle Communications 9.1.1.3.0",
"product_id": "T027333",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.1.3.0"
}
}
},
{
"category": "product_version",
"name": "12.6.1.0.0",
"product": {
"name": "Oracle Communications 12.6.1.0.0",
"product_id": "T027338",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:12.6.1.0.0"
}
}
},
{
"category": "product_version",
"name": "5.1",
"product": {
"name": "Oracle Communications 5.1",
"product_id": "T028684",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:5.1"
}
}
},
{
"category": "product_version",
"name": "15.0.0.0.0",
"product": {
"name": "Oracle Communications 15.0.0.0.0",
"product_id": "T032090",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:15.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "23.4.0",
"product": {
"name": "Oracle Communications 23.4.0",
"product_id": "T032091",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.0"
}
}
},
{
"category": "product_version",
"name": "23.4.2",
"product": {
"name": "Oracle Communications 23.4.2",
"product_id": "T034144",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.2"
}
}
},
{
"category": "product_version",
"name": "24.1.0",
"product": {
"name": "Oracle Communications 24.1.0",
"product_id": "T034145",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.1.0"
}
}
},
{
"category": "product_version",
"name": "5.2",
"product": {
"name": "Oracle Communications 5.2",
"product_id": "T034146",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:5.2"
}
}
},
{
"category": "product_version",
"name": "24.1.0.0.0",
"product": {
"name": "Oracle Communications 24.1.0.0.0",
"product_id": "T034147",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "23.4.3",
"product": {
"name": "Oracle Communications 23.4.3",
"product_id": "T036195",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.3"
}
}
},
{
"category": "product_version",
"name": "23.4.4",
"product": {
"name": "Oracle Communications 23.4.4",
"product_id": "T036196",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=24.2.0",
"product": {
"name": "Oracle Communications \u003c=24.2.0",
"product_id": "T036197"
}
},
{
"category": "product_version_range",
"name": "\u003c=24.2.0",
"product": {
"name": "Oracle Communications \u003c=24.2.0",
"product_id": "T036197-fixed"
}
},
{
"category": "product_version",
"name": "4.1.0",
"product": {
"name": "Oracle Communications 4.1.0",
"product_id": "T036205",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:4.1.0"
}
}
},
{
"category": "product_version",
"name": "4.2.0",
"product": {
"name": "Oracle Communications 4.2.0",
"product_id": "T036206",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:4.2.0"
}
}
},
{
"category": "product_version",
"name": "9.2.0",
"product": {
"name": "Oracle Communications 9.2.0",
"product_id": "T036207",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.2.0"
}
}
},
{
"category": "product_version",
"name": "9.3.0",
"product": {
"name": "Oracle Communications 9.3.0",
"product_id": "T036208",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.3.0"
}
}
},
{
"category": "product_version",
"name": "12.11.0",
"product": {
"name": "Oracle Communications 12.11.0",
"product_id": "T036209",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:12.11.0"
}
}
},
{
"category": "product_version",
"name": "9.0.1.10.0",
"product": {
"name": "Oracle Communications 9.0.1.10.0",
"product_id": "T038373",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.0.1.10.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.5",
"product": {
"name": "Oracle Communications \u003c=23.4.5",
"product_id": "T038375"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.5",
"product": {
"name": "Oracle Communications \u003c=23.4.5",
"product_id": "T038375-fixed"
}
},
{
"category": "product_version",
"name": "24.2.1",
"product": {
"name": "Oracle Communications 24.2.1",
"product_id": "T038376",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.6",
"product": {
"name": "Oracle Communications \u003c=23.4.6",
"product_id": "T038377"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.6",
"product": {
"name": "Oracle Communications \u003c=23.4.6",
"product_id": "T038377-fixed"
}
},
{
"category": "product_version",
"name": "24.1.1",
"product": {
"name": "Oracle Communications 24.1.1",
"product_id": "T038378",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.1.1"
}
}
},
{
"category": "product_version",
"name": "24.2.2",
"product": {
"name": "Oracle Communications 24.2.2",
"product_id": "T038379",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.2.2"
}
}
},
{
"category": "product_version",
"name": "9.1.5",
"product": {
"name": "Oracle Communications 9.1.5",
"product_id": "T038380",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.5"
}
}
},
{
"category": "product_version",
"name": "9.1.0",
"product": {
"name": "Oracle Communications 9.1.0",
"product_id": "T038381",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.0"
}
}
},
{
"category": "product_version",
"name": "14",
"product": {
"name": "Oracle Communications 14.0",
"product_id": "T038382",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:14.0"
}
}
},
{
"category": "product_version",
"name": "9.1.1.9.0",
"product": {
"name": "Oracle Communications 9.1.1.9.0",
"product_id": "T038383",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.1.9.0"
}
}
},
{
"category": "product_version",
"name": "14.0.0.1",
"product": {
"name": "Oracle Communications 14.0.0.1",
"product_id": "T038384",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:14.0.0.1"
}
}
},
{
"category": "product_version",
"name": "17.0.1",
"product": {
"name": "Oracle Communications 17.0.1",
"product_id": "T038385",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:17.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.0.4",
"product": {
"name": "Oracle Communications \u003c10.4.0.4",
"product_id": "T038386"
}
},
{
"category": "product_version",
"name": "10.4.0.4",
"product": {
"name": "Oracle Communications 10.4.0.4",
"product_id": "T038386-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:10.4.0.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=9.1.1.8.0",
"product": {
"name": "Oracle Communications \u003c=9.1.1.8.0",
"product_id": "T038426"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.1.1.8.0",
"product": {
"name": "Oracle Communications \u003c=9.1.1.8.0",
"product_id": "T038426-fixed"
}
}
],
"category": "product_name",
"name": "Communications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2068",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-23437",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-2601",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-2601"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2023-2953",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-2953"
},
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-38408",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-4043",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-46136",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51775",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2023-5685",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-5685"
},
{
"cve": "CVE-2023-6597",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6816",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-6816"
},
{
"cve": "CVE-2024-0450",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-22020",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22257",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2024-22262",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-23672",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-2398",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-25062",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-25638",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-25638"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-28182",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29025",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29736",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29736"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30251",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-30251"
},
{
"cve": "CVE-2024-31080",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31744",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-31744"
},
{
"cve": "CVE-2024-32760",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-33602",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34750",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-37371",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38816",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-40898",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-43044",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-43044"
},
{
"cve": "CVE-2024-45492",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-4577",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-5971",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-5971"
},
{
"cve": "CVE-2024-6162",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-6162"
},
{
"cve": "CVE-2024-6387",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-7254",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-7254"
}
]
}
WID-SEC-W-2025-0001
Vulnerability from csaf_certbund - Published: 2025-01-01 23:00 - Updated: 2025-11-18 23:00Summary
IBM DB2: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.
Angriff: Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM DB2 Warehouse <5.1.0
IBM / DB2
|
Warehouse <5.1.0 | ||
|
IBM DB2 <5.1.0
IBM / DB2
|
<5.1.0 | ||
|
IBM Spectrum Protect Plus <10.1.6.4
IBM / Spectrum Protect Plus
|
<10.1.6.4 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
IBM Spectrum Protect Plus <10.1.17.1
IBM / Spectrum Protect Plus
|
<10.1.17.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
References
10 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0001 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0001.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0001 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0001"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2025-01-01",
"url": "https://www.ibm.com/support/pages/node/7180105"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1227 vom 2025-02-12",
"url": "https://access.redhat.com/errata/RHSA-2025:1227"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229443 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7229443"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7237702 vom 2025-06-24",
"url": "https://www.ibm.com/support/pages/node/7237702"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249276 vom 2025-10-27",
"url": "https://www.ibm.com/support/pages/node/7249276"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
}
],
"source_lang": "en-US",
"title": "IBM DB2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-18T23:00:00.000+00:00",
"generator": {
"date": "2025-11-19T09:37:09.985+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-0001",
"initial_release_date": "2025-01-01T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-01T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-12T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-23T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.1",
"product": {
"name": "Atlassian Confluence \u003c10.1.1",
"product_id": "T048680"
}
},
{
"category": "product_version",
"name": "10.1.1",
"product": {
"name": "Atlassian Confluence 10.1.1",
"product_id": "T048680-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Confluence \u003c10.0.2",
"product_id": "T048685"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Confluence 10.0.2",
"product_id": "T048685-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.7",
"product": {
"name": "Atlassian Confluence \u003c9.2.7",
"product_id": "T048686"
}
},
{
"category": "product_version",
"name": "9.2.7",
"product": {
"name": "Atlassian Confluence 9.2.7",
"product_id": "T048686-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.25",
"product": {
"name": "Atlassian Confluence \u003c8.5.25",
"product_id": "T048687"
}
},
{
"category": "product_version",
"name": "8.5.25",
"product": {
"name": "Atlassian Confluence 8.5.25",
"product_id": "T048687-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.25"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics \u003c12.0.4 IF2",
"product_id": "T041469"
}
},
{
"category": "product_version",
"name": "12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics 12.0.4 IF2",
"product_id": "T041469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics \u003c11.2.4 IF4",
"product_id": "T041470"
}
},
{
"category": "product_version",
"name": "11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics 11.2.4 IF4",
"product_id": "T041470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
}
}
}
],
"category": "product_name",
"name": "Cognos Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.1.0",
"product": {
"name": "IBM DB2 \u003c5.1.0",
"product_id": "T039987"
}
},
{
"category": "product_version",
"name": "5.1.0",
"product": {
"name": "IBM DB2 5.1.0",
"product_id": "T039987-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:5.1.0"
}
}
},
{
"category": "product_version_range",
"name": "Warehouse \u003c5.1.0",
"product": {
"name": "IBM DB2 Warehouse \u003c5.1.0",
"product_id": "T039988"
}
},
{
"category": "product_version",
"name": "Warehouse 5.1.0",
"product": {
"name": "IBM DB2 Warehouse 5.1.0",
"product_id": "T039988-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:warehouse__5.1.0"
}
}
},
{
"category": "product_version",
"name": "on Cloud Pak for Data",
"product": {
"name": "IBM DB2 on Cloud Pak for Data",
"product_id": "T042208",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:on_cloud_pak_for_data"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.17.1",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.17.1",
"product_id": "T044782"
}
},
{
"category": "product_version",
"name": "10.1.17.1",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.17.1",
"product_id": "T044782-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.17.1"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-32740",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2021-32740"
},
{
"cve": "CVE-2021-41186",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2021-41186"
},
{
"cve": "CVE-2022-0759",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-0759"
},
{
"cve": "CVE-2022-24795",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-24795"
},
{
"cve": "CVE-2022-31163",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-31163"
},
{
"cve": "CVE-2023-39325",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-41993",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-41993"
},
{
"cve": "CVE-2023-45283",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45288",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-6597",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2024-0406",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-0406"
},
{
"cve": "CVE-2024-20918",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20952",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-2398",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-24786",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-24786"
},
{
"cve": "CVE-2024-27281",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-27281"
},
{
"cve": "CVE-2024-2961",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-29857",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-33599",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33883",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-33883"
},
{
"cve": "CVE-2024-37370",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37890",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37890"
},
{
"cve": "CVE-2024-39338",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-4068",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-41110",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41110"
},
{
"cve": "CVE-2024-41123",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41123"
},
{
"cve": "CVE-2024-41946",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41946"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45491",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45590",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-47220",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-47220"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-6119",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6345",
"product_status": {
"known_affected": [
"67646",
"T048680",
"T042208",
"T039988",
"T039987",
"T040030",
"T041470",
"T021415",
"T048685",
"T041469",
"T044782",
"T048687",
"T048686"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-6345"
}
]
}
WID-SEC-W-2025-0143
Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-08-17 22:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0143 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0143.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0143 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0143"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2025 - Appendix Oracle Fusion Middleware vom 2025-01-21",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-17T22:00:00.000+00:00",
"generator": {
"date": "2025-08-18T11:50:24.468+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0143",
"initial_release_date": "2025-01-21T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-11T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-08-17T22:00:00.000+00:00",
"number": "3",
"summary": "Korrektur"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
},
{
"category": "product_version",
"name": "14.1.2.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.2.0.0",
"product_id": "T040467",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.2.0.0"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-12415",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2019-12415"
},
{
"cve": "CVE-2023-44483",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-49582",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2023-51775",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2023-7272",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-7272"
},
{
"cve": "CVE-2024-23635",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-23635"
},
{
"cve": "CVE-2024-29857",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-34750",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-37371",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-38475",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-45492",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-5535",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-8096",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-8096"
},
{
"cve": "CVE-2025-21498",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21498"
},
{
"cve": "CVE-2025-21535",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21535"
},
{
"cve": "CVE-2025-21549",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21549"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…