Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-38820 (GCVE-0-2024-38820)
Vulnerability from cvelistv5 – Published: 2024-10-18 05:39 – Updated: 2024-11-29 12:04
VLAI
EPSS
Title
CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception
Summary
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-178 - Improper Handling of Case Sensitivity
Assigner
References
2 references
Impacted products
Date Public
2024-10-17 05:32
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T16:33:48.971617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-178",
"description": "CWE-178 Improper Handling of Case Sensitivity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T20:15:24.631Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-29T12:04:41.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20241129-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "Spring Framework",
"product": "Spring",
"vendor": "VMware",
"versions": [
{
"lessThan": "5.3.41",
"status": "affected",
"version": "5.3.x",
"versionType": "Enterprise Support Only"
},
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0.x",
"versionType": "Enterprise Support Only"
},
{
"lessThan": "6.1.14",
"status": "affected",
"version": "6.1.x",
"versionType": "OSS"
}
]
}
],
"datePublic": "2024-10-17T05:32:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe fix for CVE-2022-22968 made \u003ccode\u003edisallowedFields\u003c/code\u003e\u0026nbsp;patterns in \u003ccode\u003eDataBinder\u003c/code\u003e\u0026nbsp;case insensitive. However, \u003ccode\u003eString.toLowerCase()\u003c/code\u003e\u0026nbsp;has some Locale dependent exceptions that could potentially result in fields not protected as expected.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T05:39:05.275Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-38820"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38820",
"datePublished": "2024-10-18T05:39:05.275Z",
"dateReserved": "2024-06-19T22:32:06.583Z",
"dateUpdated": "2024-11-29T12:04:41.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-38820",
"date": "2026-06-28",
"epss": "0.00631",
"percentile": "0.45674"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-38820\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-10-18T06:15:03.333\",\"lastModified\":\"2026-06-17T07:41:06.497\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\"},{\"lang\":\"es\",\"value\":\"La correcci\u00f3n de CVE-2022-22968 hizo que los patrones disallowedFields en DataBinder no distingan entre may\u00fasculas y min\u00fasculas. Sin embargo, String.toLowerCase() tiene algunas excepciones dependientes de la configuraci\u00f3n regional que podr\u00edan generar campos no protegidos como se esperaba.\"}],\"affected\":[{\"source\":\"security@vmware.com\",\"affectedData\":[{\"vendor\":\"VMware\",\"product\":\"Spring\",\"defaultStatus\":\"affected\",\"packageName\":\"Spring Framework\",\"versions\":[{\"version\":\"5.3.x\",\"lessThan\":\"5.3.41\",\"versionType\":\"Enterprise Support Only\",\"status\":\"affected\"},{\"version\":\"6.0.x\",\"lessThan\":\"6.0.25\",\"versionType\":\"Enterprise Support Only\",\"status\":\"affected\"},{\"version\":\"6.1.x\",\"lessThan\":\"6.1.14\",\"versionType\":\"OSS\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-10-18T16:33:48.971617Z\",\"id\":\"CVE-2024-38820\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-178\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3.0\",\"versionEndExcluding\":\"5.3.41\",\"matchCriteriaId\":\"CF21F5D2-C4C5-4F24-AC72-D035237FF88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.25\",\"matchCriteriaId\":\"39D2699C-C6AD-4D79-A35B-2D273FA1C97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.0\",\"versionEndExcluding\":\"6.1.14\",\"matchCriteriaId\":\"34886C2E-A108-48D6-9536-D33EF3C90A0A\"}]}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2024-38820\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20241129-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20241129-0003/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-11-29T12:04:41.387Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38820\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-18T16:33:48.971617Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-178\", \"description\": \"CWE-178 Improper Handling of Case Sensitivity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-18T16:33:52.621Z\"}}], \"cna\": {\"title\": \"CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"VMware\", \"product\": \"Spring\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.3.x\", \"lessThan\": \"5.3.41\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"6.0.x\", \"lessThan\": \"6.0.25\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"6.1.x\", \"lessThan\": \"6.1.14\", \"versionType\": \"OSS\"}], \"packageName\": \"Spring Framework\", \"defaultStatus\": \"affected\"}], \"datePublic\": \"2024-10-17T05:32:00.000Z\", \"references\": [{\"url\": \"https://spring.io/security/cve-2024-38820\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The fix for CVE-2022-22968 made disallowedFields\\u00a0patterns in DataBinder\\u00a0case insensitive. However, String.toLowerCase()\\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe fix for CVE-2022-22968 made \u003ccode\u003edisallowedFields\u003c/code\u003e\u0026nbsp;patterns in \u003ccode\u003eDataBinder\u003c/code\u003e\u0026nbsp;case insensitive. However, \u003ccode\u003eString.toLowerCase()\u003c/code\u003e\u0026nbsp;has some Locale dependent exceptions that could potentially result in fields not protected as expected.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-10-18T05:39:05.275Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-38820\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-29T12:04:41.387Z\", \"dateReserved\": \"2024-06-19T22:32:06.583Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-10-18T05:39:05.275Z\", \"assignerShortName\": \"vmware\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
NCSC-2025-0129
Vulnerability from csaf_ncscnl - Published: 2025-04-16 15:02 - Updated: 2025-04-16 15:02Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle Analytics.
Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot gevoelige gegevens, Denial-of-Service aan te richten, en zelfs volledige controle over systemen te verkrijgen. Specifieke kwetsbaarheden in Oracle Business Intelligence Enterprise Edition kunnen leiden tot ongeautoriseerde toegang en manipulatie van gegevens via HTTP. Daarnaast zijn er kwetsbaarheden die Denial-of-Service kunnen veroorzaken door onjuiste invoer of misbruik van systeemfunctionaliteiten.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-399: CWE-399
CWE-669: Incorrect Resource Transfer Between Spheres
CWE-178: Improper Handling of Case Sensitivity
CWE-311: Missing Encryption of Sensitive Data
CWE-639: Authorization Bypass Through User-Controlled Key
CWE-125: Out-of-bounds Read
CWE-404: Improper Resource Shutdown or Release
CWE-284: Improper Access Control
CWE-401: Missing Release of Memory after Effective Lifetime
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-502: Deserialization of Untrusted Data
CWE-787: Out-of-bounds Write
CWE-73: External Control of File Name or Path
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20: Improper Input Validation
CWE-87: Improper Neutralization of Alternate XSS Syntax
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
8.8 (High)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
CWE-404
- Improper Resource Shutdown or Release
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
9.8 (Critical)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
9.8 (Critical)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
7.5 (High)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
6.5 (Medium)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
CWE-787
- Out-of-bounds Write
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
7.5 (High)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
9.1 (Critical)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
4.4 (Medium)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
9.8 (Critical)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
4.8 (Medium)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
9.8 (Critical)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
5.4 (Medium)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
7.5 (High)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/6.4.0.0.0
Oracle / Oracle Business Intelligence Enterprise Edition
|
vers:oracle/6.4.0.0.0 | ||
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:unknown/12.2.1.4.0
Oracle / Oracle / BI Publisher
|
vers:unknown/12.2.1.4.0 | ||
|
vers:unknown/7.6.0.0.0
Oracle / Oracle / BI Publisher
|
vers:unknown/7.6.0.0.0 | ||
|
vers:oracle/12.2.1.4.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
vers:oracle/12.2.1.4.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle Analytics / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:oracle/7.6.0.0.0
Oracle / Oracle BI Publisher
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.6.0.0.0 | |
|
vers:semver/12.2.1.4.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/12.2.1.4.0 | ||
|
vers:semver/7.6.0.0.0
Oracle Corporation / Oracle BI Publisher
|
vers:semver/7.6.0.0.0 |
References
16 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot gevoelige gegevens, Denial-of-Service aan te richten, en zelfs volledige controle over systemen te verkrijgen. Specifieke kwetsbaarheden in Oracle Business Intelligence Enterprise Edition kunnen leiden tot ongeautoriseerde toegang en manipulatie van gegevens via HTTP. Daarnaast zijn er kwetsbaarheden die Denial-of-Service kunnen veroorzaken door onjuiste invoer of misbruik van systeemfunctionaliteiten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "CWE-399",
"title": "CWE-399"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Analytics",
"tracking": {
"current_release_date": "2025-04-16T15:02:22.596981Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0129",
"initial_release_date": "2025-04-16T15:02:22.596981Z",
"revision_history": [
{
"date": "2025-04-16T15:02:22.596981Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1144583",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/6.4.0.0.0",
"product": {
"name": "vers:oracle/6.4.0.0.0",
"product_id": "CSAFPID-1144584"
}
}
],
"category": "product_name",
"name": "Oracle Business Intelligence Enterprise Edition"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839844",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-1839843",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0.0.0",
"product": {
"name": "vers:oracle/7.6.0.0.0",
"product_id": "CSAFPID-1839853",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Business Intelligence Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2698946",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-1839839",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0.0.0",
"product": {
"name": "vers:oracle/7.6.0.0.0",
"product_id": "CSAFPID-1839840",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
}
],
"category": "product_family",
"name": "Oracle Analytics"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1215050"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/7.6.0.0.0",
"product": {
"name": "vers:unknown/7.6.0.0.0",
"product_id": "CSAFPID-1838786"
}
}
],
"category": "product_name",
"name": "BI Publisher"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-1145643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0.0.0",
"product": {
"name": "vers:oracle/7.6.0.0.0",
"product_id": "CSAFPID-1173987",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/12.2.1.4.0",
"product": {
"name": "vers:semver/12.2.1.4.0",
"product_id": "CSAFPID-2698635"
}
},
{
"category": "product_version_range",
"name": "vers:semver/7.6.0.0.0",
"product": {
"name": "vers:semver/7.6.0.0.0",
"product_id": "CSAFPID-2698634"
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36033",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-399",
"title": "CWE-399"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-24998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
}
],
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-25399",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-25399",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2023-25399"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38546",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38546.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-32007",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32007",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32007.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-32007"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-52046",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-52046",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2025-30723",
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30723",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30723.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2025-30723"
},
{
"cve": "CVE-2025-30724",
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30724",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30724.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2025-30724"
}
]
}
WID-SEC-W-2024-3237
Vulnerability from csaf_certbund - Published: 2024-10-17 22:00 - Updated: 2026-05-12 22:00Summary
VMware Tanzu Spring Framework: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Spring Framework bietet ein Entwicklungsmodell für Java mit Infrastrukturunterstützung auf Anwendungsebene.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware Tanzu Spring Framework <6.0.25
VMware Tanzu / Spring Framework
|
<6.0.25 | ||
|
VMware Tanzu Spring Framework <6.1.14
VMware Tanzu / Spring Framework
|
<6.1.14 | ||
|
Hitachi Ops Center
Hitachi / Ops Center
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Dell NetWorker <19.13
Dell / NetWorker
|
<19.13 | ||
|
Adobe Experience Manager Forms <6.5.22.0 (AEMForms-6.5.0-0095)
Adobe / Experience Manager Forms
|
<6.5.22.0 (AEMForms-6.5.0-0095) | ||
|
HCL Commerce 9.1.0-9.1.19.0
HCL / Commerce
|
cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.19.0
|
9.1.0-9.1.19.0 | |
|
RealObjects PDFreactor <12.0.1
RealObjects / PDFreactor
|
<12.0.1 | ||
|
IBM Operational Decision Manager
IBM
|
cpe:/a:ibm:operational_decision_manager:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Hitachi Ops Center <11.0.4-00
Hitachi / Ops Center
|
<11.0.4-00 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 | ||
|
Atlassian Confluence <9.2.0 (LTS)
Atlassian / Confluence
|
<9.2.0 (LTS) | ||
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
Atlassian Bitbucket Data Center <8.9.24 (LTS)
Atlassian / Bitbucket
|
Data Center <8.9.24 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.2 (LTS)
Atlassian / Bitbucket
|
Data Center <9.4.2 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.5.0
Atlassian / Bitbucket
|
Data Center <9.5.0 | ||
|
Atlassian Confluence <7.19.30
Atlassian / Confluence
|
<7.19.30 | ||
|
Red Hat Integration Camel for Spring Boot 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_for_spring_boot_1
|
Camel for Spring Boot 1 | |
|
Atlassian Confluence <8.5.18
Atlassian / Confluence
|
<8.5.18 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 | ||
|
VMware Tanzu Spring Framework <5.3.41
VMware Tanzu / Spring Framework
|
<5.3.41 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Atlassian Confluence <7.19.30 (LTS)
Atlassian / Confluence
|
<7.19.30 (LTS) | ||
|
Atlassian Confluence <8.5.18 (LTS)
Atlassian / Confluence
|
<8.5.18 (LTS) | ||
|
SolarWinds Security Event Manager <2025.4
SolarWinds / Security Event Manager
|
<2025.4 |
Affected products
Known affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware Tanzu Spring Framework <6.0.25
VMware Tanzu / Spring Framework
|
<6.0.25 | ||
|
VMware Tanzu Spring Framework <6.1.14
VMware Tanzu / Spring Framework
|
<6.1.14 | ||
|
Hitachi Ops Center
Hitachi / Ops Center
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Dell NetWorker <19.13
Dell / NetWorker
|
<19.13 | ||
|
Adobe Experience Manager Forms <6.5.22.0 (AEMForms-6.5.0-0095)
Adobe / Experience Manager Forms
|
<6.5.22.0 (AEMForms-6.5.0-0095) | ||
|
HCL Commerce 9.1.0-9.1.19.0
HCL / Commerce
|
cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.19.0
|
9.1.0-9.1.19.0 | |
|
RealObjects PDFreactor <12.0.1
RealObjects / PDFreactor
|
<12.0.1 | ||
|
IBM Operational Decision Manager
IBM
|
cpe:/a:ibm:operational_decision_manager:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Hitachi Ops Center <11.0.4-00
Hitachi / Ops Center
|
<11.0.4-00 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 | ||
|
Atlassian Confluence <9.2.0 (LTS)
Atlassian / Confluence
|
<9.2.0 (LTS) | ||
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
Atlassian Bitbucket Data Center <8.9.24 (LTS)
Atlassian / Bitbucket
|
Data Center <8.9.24 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.2 (LTS)
Atlassian / Bitbucket
|
Data Center <9.4.2 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.5.0
Atlassian / Bitbucket
|
Data Center <9.5.0 | ||
|
Atlassian Confluence <7.19.30
Atlassian / Confluence
|
<7.19.30 | ||
|
Red Hat Integration Camel for Spring Boot 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_for_spring_boot_1
|
Camel for Spring Boot 1 | |
|
Atlassian Confluence <8.5.18
Atlassian / Confluence
|
<8.5.18 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 | ||
|
VMware Tanzu Spring Framework <5.3.41
VMware Tanzu / Spring Framework
|
<5.3.41 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Atlassian Confluence <7.19.30 (LTS)
Atlassian / Confluence
|
<7.19.30 (LTS) | ||
|
Atlassian Confluence <8.5.18 (LTS)
Atlassian / Confluence
|
<8.5.18 (LTS) | ||
|
SolarWinds Security Event Manager <2025.4
SolarWinds / Security Event Manager
|
<2025.4 |
References
24 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Spring Framework bietet ein Entwicklungsmodell f\u00fcr Java mit Infrastrukturunterst\u00fctzung auf Anwendungsebene.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3237 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3237.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3237 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3237"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250110-0010 vom 2025-01-10",
"url": "https://security.netapp.com/advisory/ntap-20250110-0010/"
},
{
"category": "external",
"summary": "Atlassian Security Advisory CONFSERVER-98564 vom 2024-12-19",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98564"
},
{
"category": "external",
"summary": "PoC auf GitHub vom 2024-12-17",
"url": "https://github.com/masa42/CVE-2024-38819-POC"
},
{
"category": "external",
"summary": "Spring blog vom 2024-10-17",
"url": "https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published"
},
{
"category": "external",
"summary": "PDFreactor 12 Hotfix Release vom 2024-11-13",
"url": "https://www.pdfreactor.com/pdfreactor-12-hotfix-release-12-0-1-now-available/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10700 vom 2024-12-02",
"url": "https://access.redhat.com/errata/RHSA-2024:10700"
},
{
"category": "external",
"summary": "Atlassian Security Advisory BSERV-19781 vom 2025-01-21",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-21-2025-1489803942.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7185046 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7185046"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229205 vom 2025-04-05",
"url": "https://www.ibm.com/support/pages/node/7229205"
},
{
"category": "external",
"summary": "Adobe Security Bulletin APSB25-27 vom 2025-04-08",
"url": "https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-113 vom 2025-05-15",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-113/index.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20241129-0003 vom 2025-06-20",
"url": "https://security.netapp.com/advisory/NTAP-20241129-0003"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-258 vom 2025-06-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000338043/dsa-2025-258-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-08-28",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=d45b6a4b93636e901254f0cd1dba10f2"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-127 vom 2025-09-30",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-127/index.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246096 vom 2025-09-29",
"url": "https://www.ibm.com/support/pages/node/7246096"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183042 vom 2025-10-08",
"url": "https://www.ibm.com/support/pages/node/7247442"
},
{
"category": "external",
"summary": "Solarwinds SEM 2025.4 release notes vom 2025-10-14",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-4_release_notes.htm"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7252567 vom 2025-11-26",
"url": "https://www.ibm.com/support/pages/node/7252567"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-152 vom 2026-03-23",
"url": "https://www.dell.com/support/kbdoc/de-de/000443243/dsa-2026-152-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2026-05-12",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=2f600efd2bf4c7900c64f1a1d891bf19"
}
],
"source_lang": "en-US",
"title": "VMware Tanzu Spring Framework: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-12T22:00:00.000+00:00",
"generator": {
"date": "2026-05-13T08:12:10.257+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3237",
"initial_release_date": "2024-10-17T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-17T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-12-02T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "4",
"summary": "PoC aufgenommen"
},
{
"date": "2024-12-18T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-01-09T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-06T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Adobe aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "11",
"summary": "Doppelte Eintragung bereinigt"
},
{
"date": "2025-05-14T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-06-29T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von HITACHI und IBM aufgenommen"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "21",
"summary": "Referenz(en) aufgenommen: 7253216"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-05-12T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "23"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.5.22.0 (AEMForms-6.5.0-0095)",
"product": {
"name": "Adobe Experience Manager Forms \u003c6.5.22.0 (AEMForms-6.5.0-0095)",
"product_id": "T042514"
}
},
{
"category": "product_version",
"name": "6.5.22.0 (AEMForms-6.5.0-0095)",
"product": {
"name": "Adobe Experience Manager Forms 6.5.22.0 (AEMForms-6.5.0-0095)",
"product_id": "T042514-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:adobe:aem_forms:6.5.22.0_%28aemforms-6.5.0-0095%29"
}
}
}
],
"category": "product_name",
"name": "Experience Manager Forms"
}
],
"category": "vendor",
"name": "Adobe"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c9.5.0",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.5.0",
"product_id": "T040536"
}
},
{
"category": "product_version",
"name": "Data Center 9.5.0",
"product": {
"name": "Atlassian Bitbucket Data Center 9.5.0",
"product_id": "T040536-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.5.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.2 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.2 (LTS)",
"product_id": "T040537"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.2 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.2 (LTS)",
"product_id": "T040537-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.2_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c8.9.24 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c8.9.24 (LTS)",
"product_id": "T040538"
}
},
{
"category": "product_version",
"name": "Data Center 8.9.24 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center 8.9.24 (LTS)",
"product_id": "T040538-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__8.9.24_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.5.18",
"product": {
"name": "Atlassian Confluence \u003c8.5.18",
"product_id": "T039943"
}
},
{
"category": "product_version",
"name": "8.5.18",
"product": {
"name": "Atlassian Confluence 8.5.18",
"product_id": "T039943-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.19.30",
"product": {
"name": "Atlassian Confluence \u003c7.19.30",
"product_id": "T039944"
}
},
{
"category": "product_version",
"name": "7.19.30",
"product": {
"name": "Atlassian Confluence 7.19.30",
"product_id": "T039944-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:7.19.30"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.0 (LTS)",
"product": {
"name": "Atlassian Confluence \u003c9.2.0 (LTS)",
"product_id": "T040539"
}
},
{
"category": "product_version",
"name": "9.2.0 (LTS)",
"product": {
"name": "Atlassian Confluence 9.2.0 (LTS)",
"product_id": "T040539-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.0_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.18 (LTS)",
"product": {
"name": "Atlassian Confluence \u003c8.5.18 (LTS)",
"product_id": "T040540"
}
},
{
"category": "product_version",
"name": "8.5.18 (LTS)",
"product": {
"name": "Atlassian Confluence 8.5.18 (LTS)",
"product_id": "T040540-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.18_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.19.30 (LTS)",
"product": {
"name": "Atlassian Confluence \u003c7.19.30 (LTS)",
"product_id": "T040541"
}
},
{
"category": "product_version",
"name": "7.19.30 (LTS)",
"product": {
"name": "Atlassian Confluence 7.19.30 (LTS)",
"product_id": "T040541-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:7.19.30_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.13",
"product": {
"name": "Dell NetWorker \u003c19.13",
"product_id": "T044954"
}
},
{
"category": "product_version",
"name": "19.13",
"product": {
"name": "Dell NetWorker 19.13",
"product_id": "T044954-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.13"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.34.00.16",
"product": {
"name": "Dell Secure Connect Gateway \u003c5.34.00.16",
"product_id": "T052048"
}
},
{
"category": "product_version",
"name": "5.34.00.16",
"product": {
"name": "Dell Secure Connect Gateway 5.34.00.16",
"product_id": "T052048-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:5.34.00.16"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Service Management",
"product": {
"name": "HCL BigFix Service Management",
"product_id": "T046595",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:service_management"
}
}
}
],
"category": "product_name",
"name": "BigFix"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1.0-9.1.19.0",
"product": {
"name": "HCL Commerce 9.1.0-9.1.19.0",
"product_id": "T053858",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.19.0"
}
}
}
],
"category": "product_name",
"name": "Commerce"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T038840",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.4-00",
"product": {
"name": "Hitachi Ops Center \u003c11.0.4-00",
"product_id": "T043089"
}
},
{
"category": "product_version",
"name": "11.0.4-00",
"product": {
"name": "Hitachi Ops Center 11.0.4-00",
"product_id": "T043089-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:11.0.4-00"
}
}
}
],
"category": "product_name",
"name": "Ops Center"
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
},
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T035705",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
},
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T023548",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
}
}
}
],
"category": "product_name",
"name": "ActiveIQ Unified Manager"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.1",
"product": {
"name": "RealObjects PDFreactor \u003c12.0.1",
"product_id": "T039150"
}
},
{
"category": "product_version",
"name": "12.0.1",
"product": {
"name": "RealObjects PDFreactor 12.0.1",
"product_id": "T039150-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:realobjects:pdfreactor:12.0.1"
}
}
}
],
"category": "product_name",
"name": "PDFreactor"
}
],
"category": "vendor",
"name": "RealObjects"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Camel for Spring Boot 1",
"product": {
"name": "Red Hat Integration Camel for Spring Boot 1",
"product_id": "T035240",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:camel_for_spring_boot_1"
}
}
}
],
"category": "product_name",
"name": "Integration"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.4",
"product": {
"name": "SolarWinds Security Event Manager \u003c2025.4",
"product_id": "T047576"
}
},
{
"category": "product_version",
"name": "2025.4",
"product": {
"name": "SolarWinds Security Event Manager 2025.4",
"product_id": "T047576-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2025.4"
}
}
}
],
"category": "product_name",
"name": "Security Event Manager"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.3.41",
"product": {
"name": "VMware Tanzu Spring Framework \u003c5.3.41",
"product_id": "T038499"
}
},
{
"category": "product_version",
"name": "5.3.41",
"product": {
"name": "VMware Tanzu Spring Framework 5.3.41",
"product_id": "T038499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:5.3.41"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.0.25",
"product": {
"name": "VMware Tanzu Spring Framework \u003c6.0.25",
"product_id": "T038500"
}
},
{
"category": "product_version",
"name": "6.0.25",
"product": {
"name": "VMware Tanzu Spring Framework 6.0.25",
"product_id": "T038500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:6.0.25"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1.14",
"product": {
"name": "VMware Tanzu Spring Framework \u003c6.1.14",
"product_id": "T038501"
}
},
{
"category": "product_version",
"name": "6.1.14",
"product": {
"name": "VMware Tanzu Spring Framework 6.1.14",
"product_id": "T038501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:6.1.14"
}
}
}
],
"category": "product_name",
"name": "Spring Framework"
}
],
"category": "vendor",
"name": "VMware Tanzu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T038500",
"T038501",
"T038840",
"T044954",
"T042514",
"T053858",
"T039150",
"T005180",
"T046595",
"T048677",
"T043089",
"T048676",
"T048675",
"T040539",
"T035705",
"T040538",
"T040537",
"T040536",
"T039944",
"T035240",
"T039943",
"T016960",
"T052048",
"T038499",
"T023548",
"444803",
"T019704",
"T040541",
"T040540",
"T047576"
]
},
"release_date": "2024-10-17T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T038500",
"T038501",
"T038840",
"T044954",
"T042514",
"T053858",
"T039150",
"T005180",
"T046595",
"T048677",
"T043089",
"T048676",
"T048675",
"T040539",
"T035705",
"T040538",
"T040537",
"T040536",
"T039944",
"T035240",
"T039943",
"T016960",
"T052048",
"T038499",
"T023548",
"444803",
"T019704",
"T040541",
"T040540",
"T047576"
]
},
"release_date": "2024-10-17T22:00:00.000+00:00",
"title": "CVE-2024-38820"
}
]
}
WID-SEC-W-2025-0307
Vulnerability from csaf_certbund - Published: 2025-02-10 23:00 - Updated: 2025-02-10 23:00Summary
SAP Patchday Februar 2025: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um erhöhte Berechtigungen zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um erh\u00f6hte Berechtigungen zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0307 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0307.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0307 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0307"
},
{
"category": "external",
"summary": "SAP Security Patch Day vom 2025-02-10",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/february-2025.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday Februar 2025: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-10T23:00:00.000+00:00",
"generator": {
"date": "2025-02-11T10:06:06.082+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0307",
"initial_release_date": "2025-02-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T040977",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-24527",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2023-24527"
},
{
"cve": "CVE-2024-22126",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-22126"
},
{
"cve": "CVE-2024-38819",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38828",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-38828"
},
{
"cve": "CVE-2024-45216",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-45216"
},
{
"cve": "CVE-2024-45217",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-45217"
},
{
"cve": "CVE-2025-0054",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-0054"
},
{
"cve": "CVE-2025-0064",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-0064"
},
{
"cve": "CVE-2025-23187",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23187"
},
{
"cve": "CVE-2025-23189",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23189"
},
{
"cve": "CVE-2025-23190",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23190"
},
{
"cve": "CVE-2025-23191",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23191"
},
{
"cve": "CVE-2025-23193",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23193"
},
{
"cve": "CVE-2025-24867",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24867"
},
{
"cve": "CVE-2025-24868",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24868"
},
{
"cve": "CVE-2025-24869",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24869"
},
{
"cve": "CVE-2025-24870",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24870"
},
{
"cve": "CVE-2025-24872",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24872"
},
{
"cve": "CVE-2025-24874",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24874"
},
{
"cve": "CVE-2025-24875",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24875"
},
{
"cve": "CVE-2025-24876",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24876"
},
{
"cve": "CVE-2025-25241",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-25241"
},
{
"cve": "CVE-2025-25243",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-25243"
}
]
}
WID-SEC-W-2025-0521
Vulnerability from csaf_certbund - Published: 2025-03-10 23:00 - Updated: 2025-03-10 23:00Summary
SAP Patchday März 2025: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff: Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Privilegien zu erlangen, beliebigen Code auszuführen, Cross-Site-Scripting-Angriffe durchzuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- Windows
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Privilegien zu erlangen, beliebigen Code auszuf\u00fchren, Cross-Site-Scripting-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0521 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0521.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0521 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0521"
},
{
"category": "external",
"summary": "SAP Security Patch Day - March 2025 vom 2025-03-10",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2025.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday M\u00e4rz 2025: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-10T23:00:00.000+00:00",
"generator": {
"date": "2025-03-11T11:40:17.201+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0521",
"initial_release_date": "2025-03-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T041721",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38286",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-39592",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-39592"
},
{
"cve": "CVE-2024-41736",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-41736"
},
{
"cve": "CVE-2024-52316",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-52316"
},
{
"cve": "CVE-2025-0062",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-0062"
},
{
"cve": "CVE-2025-0071",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-0071"
},
{
"cve": "CVE-2025-23185",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-23185"
},
{
"cve": "CVE-2025-23188",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-23188"
},
{
"cve": "CVE-2025-23194",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-23194"
},
{
"cve": "CVE-2025-24876",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-24876"
},
{
"cve": "CVE-2025-25242",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-25242"
},
{
"cve": "CVE-2025-25244",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-25244"
},
{
"cve": "CVE-2025-25245",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-25245"
},
{
"cve": "CVE-2025-26655",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26655"
},
{
"cve": "CVE-2025-26656",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26656"
},
{
"cve": "CVE-2025-26658",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26658"
},
{
"cve": "CVE-2025-26659",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26659"
},
{
"cve": "CVE-2025-26660",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26660"
},
{
"cve": "CVE-2025-26661",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26661"
},
{
"cve": "CVE-2025-27430",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27430"
},
{
"cve": "CVE-2025-27431",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27431"
},
{
"cve": "CVE-2025-27432",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27432"
},
{
"cve": "CVE-2025-27433",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27433"
},
{
"cve": "CVE-2025-27434",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27434"
},
{
"cve": "CVE-2025-27436",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27436"
}
]
}
WID-SEC-W-2025-0819
Vulnerability from csaf_certbund - Published: 2025-04-15 22:00 - Updated: 2025-04-15 22:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0819 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0819.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0819 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0819"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2025 - Appendix Oracle Financial Services Applications vom 2025-04-15",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-15T22:00:00.000+00:00",
"generator": {
"date": "2025-04-16T09:16:23.001+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0819",
"initial_release_date": "2025-04-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.0.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.8",
"product_id": "T021677",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1",
"product_id": "T022844",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
}
}
},
{
"category": "product_version",
"name": "21.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 21.1.0.0.0",
"product_id": "T028695",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:21.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "22.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 22.1.0.0.0",
"product_id": "T028696",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "22.2.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 22.2.0.0.0",
"product_id": "T028697",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.2.0.0.0"
}
}
},
{
"category": "product_version",
"name": "14.5.0.0.0-14.7.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0",
"product_id": "T028702",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.5",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.5",
"product_id": "T028706",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
}
}
},
{
"category": "product_version",
"name": "6.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 6.1.0.0.0",
"product_id": "T036223",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:6.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.8",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.8",
"product_id": "T038392",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
}
}
},
{
"category": "product_version",
"name": "7.0.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 7.0.0.0.0",
"product_id": "T040463",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:7.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.0.7.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.8",
"product_id": "T040464",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.6",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.6",
"product_id": "T040465",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
}
}
},
{
"category": "product_version",
"name": "2.9.0.0.0-7.0.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0",
"product_id": "T040516",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.7.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.7.0",
"product_id": "T042808",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7.0"
}
}
},
{
"category": "product_version",
"name": "8.1.1.4",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.4",
"product_id": "T042809",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.4"
}
}
},
{
"category": "product_version",
"name": "5.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 5.1.0.0.0",
"product_id": "T042810",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:5.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.9",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.9",
"product_id": "T042811",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.9"
}
}
},
{
"category": "product_version",
"name": "14.7.0.7.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.7.0",
"product_id": "T042812",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.7.0"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-28170",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2021-28170"
},
{
"cve": "CVE-2023-39410",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-49582",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2024-28168",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-28219",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-35195",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-37891",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-5206",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-5206"
},
{
"cve": "CVE-2024-56128",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-56128"
},
{
"cve": "CVE-2024-56337",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2024-57699",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-21573",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-21573"
},
{
"cve": "CVE-2025-23184",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-24970",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-24970"
}
]
}
WID-SEC-W-2026-0559
Vulnerability from csaf_certbund - Published: 2026-03-01 23:00 - Updated: 2026-03-01 23:00Summary
IBM Rational Build Forge: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um beliebigen Programmcode auszuführen, um einen Denial of Service Angriff durchzuführen, um Informationen offenzulegen, und um Dateien zu manipulieren.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Build Forge <8.0.0.29
IBM / Rational Build Forge
|
<8.0.0.29 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um beliebigen Programmcode auszuf\u00fchren, um einen Denial of Service Angriff durchzuf\u00fchren, um Informationen offenzulegen, und um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0559 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0559.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0559 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0559"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7262249 vom 2026-03-01",
"url": "https://www.ibm.com/support/pages/node/7262249"
}
],
"source_lang": "en-US",
"title": "IBM Rational Build Forge: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-01T23:00:00.000+00:00",
"generator": {
"date": "2026-03-02T11:27:19.791+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0559",
"initial_release_date": "2026-03-01T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.0.29",
"product": {
"name": "IBM Rational Build Forge \u003c8.0.0.29",
"product_id": "T051329"
}
},
{
"category": "product_version",
"name": "8.0.0.29",
"product": {
"name": "IBM Rational Build Forge 8.0.0.29",
"product_id": "T051329-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.29"
}
}
}
],
"category": "product_name",
"name": "Rational Build Forge"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25031",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2018-25031"
},
{
"cve": "CVE-2019-17495",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2019-17495"
},
{
"cve": "CVE-2021-22060",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2021-22060"
},
{
"cve": "CVE-2021-22096",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2021-22096"
},
{
"cve": "CVE-2022-22968",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2022-22968"
},
{
"cve": "CVE-2022-22970",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2022-22970"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38828",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2024-38828"
},
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-53057",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-53057"
},
{
"cve": "CVE-2025-53066",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-53066"
},
{
"cve": "CVE-2025-58754",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-58754"
},
{
"cve": "CVE-2025-7783",
"product_status": {
"known_affected": [
"T051329"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-7783"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…