Vulnerability-Lookup

CVE-2022-34169 (GCVE-0-2022-34169)

Vulnerability from cvelistv5 – Published: 2022-07-19 00:00 – Updated: 2026-05-27 12:51

Title

Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets

Summary

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

integer truncation
CWE-681 - Incorrect Conversion between Numeric Types

Assigner

apache

References

24 references

URL	Tags
https://lists.apache.org/thread/2qvl7r43wb4t8p9dd…
https://lists.apache.org/thread/12pxy4phsry6c34x2…
http://www.openwall.com/lists/oss-security/2022/07/19/5	mailing-list
https://www.oracle.com/security-alerts/cpujul2022.html
http://www.openwall.com/lists/oss-security/2022/07/19/6	mailing-list
http://www.openwall.com/lists/oss-security/2022/07/20/2	mailing-list
http://www.openwall.com/lists/oss-security/2022/07/20/3	mailing-list
https://www.debian.org/security/2022/dsa-5188	vendor-advisory
https://www.debian.org/security/2022/dsa-5192	vendor-advisory
https://security.netapp.com/advisory/ntap-2022072…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
http://packetstormsecurity.com/files/168186/Xalan…
http://www.openwall.com/lists/oss-security/2022/10/18/2	mailing-list
https://lists.debian.org/debian-lts-announce/2022…	mailing-list
https://www.debian.org/security/2022/dsa-5256	vendor-advisory
http://www.openwall.com/lists/oss-security/2022/11/04/8	mailing-list
http://www.openwall.com/lists/oss-security/2022/11/07/2	mailing-list
https://security.gentoo.org/glsa/202401-25
https://security.netapp.com/advisory/ntap-2024062…

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Xalan-J	Affected: Xalan-J , ≤ 2.7.2 (custom)

Credits

Reported by Felix Wilhelm, Google Project Zero

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:16:17.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"
          },
          {
            "name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6"
          },
          {
            "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2"
          },
          {
            "name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3"
          },
          {
            "name": "DSA-5188",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5188"
          },
          {
            "name": "DSA-5192",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5192"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220729-0009/"
          },
          {
            "name": "FEDORA-2022-19b6f21746",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/"
          },
          {
            "name": "FEDORA-2022-ae563934f7",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/"
          },
          {
            "name": "FEDORA-2022-e573851f56",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/"
          },
          {
            "name": "FEDORA-2022-d26586b419",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/"
          },
          {
            "name": "FEDORA-2022-80afe2304a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/"
          },
          {
            "name": "FEDORA-2022-b76ab52e73",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html"
          },
          {
            "name": "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2"
          },
          {
            "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html"
          },
          {
            "name": "DSA-5256",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5256"
          },
          {
            "name": "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8"
          },
          {
            "name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202401-25"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-34169",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-20T16:24:49.067251Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-681",
                "description": "CWE-681 Incorrect Conversion between Numeric Types",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-27T12:51:15.955Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Xalan-J",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.7.2",
              "status": "affected",
              "version": "Xalan-J",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported by Felix Wilhelm, Google Project Zero"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "integer truncation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T19:07:47.103Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8"
        },
        {
          "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"
        },
        {
          "name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6"
        },
        {
          "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2"
        },
        {
          "name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3"
        },
        {
          "name": "DSA-5188",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5188"
        },
        {
          "name": "DSA-5192",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5192"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220729-0009/"
        },
        {
          "name": "FEDORA-2022-19b6f21746",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/"
        },
        {
          "name": "FEDORA-2022-ae563934f7",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/"
        },
        {
          "name": "FEDORA-2022-e573851f56",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/"
        },
        {
          "name": "FEDORA-2022-d26586b419",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/"
        },
        {
          "name": "FEDORA-2022-80afe2304a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/"
        },
        {
          "name": "FEDORA-2022-b76ab52e73",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/"
        },
        {
          "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html"
        },
        {
          "name": "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2"
        },
        {
          "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html"
        },
        {
          "name": "DSA-5256",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5256"
        },
        {
          "name": "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8"
        },
        {
          "name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"
        },
        {
          "url": "https://security.gentoo.org/glsa/202401-25"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-34169",
    "datePublished": "2022-07-19T00:00:00.000Z",
    "dateReserved": "2022-06-21T00:00:00.000Z",
    "dateUpdated": "2026-05-27T12:51:15.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-34169",
      "date": "2026-06-06",
      "epss": "0.10953",
      "percentile": "0.93558"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-34169\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2022-07-19T18:15:11.740\",\"lastModified\":\"2026-05-27T14:16:39.110\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.\"},{\"lang\":\"es\",\"value\":\"La biblioteca Apache Xalan Java XSLT es vulnerable a un problema de truncamiento de enteros cuando procesa hojas de estilo XSLT maliciosas. Esto puede usarse para corromper los archivos de clase Java generados por el compilador interno XSLTC y ejecutar c\u00f3digo de bytes Java arbitrario. El proyecto Apache Xalan Java est\u00e1 inactivo y en proceso de ser retirado. No son esperadas futuras versiones de Apache Xalan Java que abordan este problema. Nota: Los tiempos de ejecuci\u00f3n de Java (como OpenJDK) incluyen copias reempaquetadas de Xalan.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-681\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-681\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:xalan-java:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.2\",\"matchCriteriaId\":\"E406791B-F9FD-4E3F-831C-296D8F8FF9BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:20.3.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"7D961E24-EA18-4217-B5F5-F847726D84E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:21.3.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"601D92C4-F71F-47E2-9041-5C286D2137F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:22.1.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"B18FE85D-C53D-44E9-8992-715820D1264B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update343:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3C0BA3-FCD3-4CB8-B8C7-F931090A7DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update333:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2A5440-7FA7-4A86-AA19-E2ABBD809B19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:11.0.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C0485FC-E4B2-464E-8228-1387AC5F353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:17.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AF3539B-0434-4310-AE88-F46864C7C20F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:18.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5CC9398-71B6-4480-95ED-EDCE838D157E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update343:*:*:*:*:*:*\",\"matchCriteriaId\":\"60614E43-090E-44D7-94AD-FFAE38FF111F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update333:*:*:*:*:*:*\",\"matchCriteriaId\":\"131E1C9E-721C-4176-B78B-69C01F90A9A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:11.0.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD4BFA12-588A-4D8D-B45F-648A55EC674C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:17.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF70EEA-EC9D-4FFC-B7BE-76F50C34D999\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:18.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF9CFB1-CEC9-483E-BECF-618190C03944\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11\",\"versionEndIncluding\":\"11.0.15\",\"matchCriteriaId\":\"DD2ADA66-DCD0-4D28-80B2-77A0265CE7B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13\",\"versionEndIncluding\":\"13.0.11\",\"matchCriteriaId\":\"8CA6BC07-2BDA-4913-AF2B-FD2146B0E539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"15.0.7\",\"matchCriteriaId\":\"5A2E366B-549D-48C5-B3FB-AD0E8C75AE08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17\",\"versionEndIncluding\":\"17.0.3\",\"matchCriteriaId\":\"15FD6A0B-BB1A-4875-926C-AB1B6EC1A053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E78B7C5A-FA51-41E4-AAB0-C6DED2EFCF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"02011EDC-20A7-4A16-A592-7C76E0037997\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC6D4652-1226-4C60-BEDF-01EBF8AC0849\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update101:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C1F9ED7-7D93-41F4-9130-15BA734420AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CF9CDF1-95D3-4125-A73F-396D2280FC4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update111:*:*:*:*:*:*\",\"matchCriteriaId\":\"A13266DC-F8D9-4F30-987F-65BBEAF8D3A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update121:*:*:*:*:*:*\",\"matchCriteriaId\":\"C28388AB-CFC9-4749-A90F-383F5B905EA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA1B00F9-A81C-48B7-8DAA-F394DDF323F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update131:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA7AD457-6CE6-4925-8D94-A907B40233D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update141:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6F3FDD1-7CAC-4B84-ABB7-64E9D3FBD708\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"5480E5AD-DB46-474A-9B57-84ED088A75FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"881A4AE9-6012-4E91-98BE-0A352CC20703\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E1079-57D9-473B-A017-964F4745F329\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D6446E-2915-4F12-87BE-E7420BC2626E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"564EDCE3-16E6-401D-8A43-032D1F8875E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update181:*:*:*:*:*:*\",\"matchCriteriaId\":\"08278802-D31B-488A-BA6A-EBC816DF883A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update191:*:*:*:*:*:*\",\"matchCriteriaId\":\"72BDA05A-C8BD-472E-8465-EE1F3E5D8CF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BBB0969-565E-43E2-B067-A10AAA5F1958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update201:*:*:*:*:*:*\",\"matchCriteriaId\":\"D78BE95D-6270-469A-8035-FCDDB398F952\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"88C24F40-3150-4584-93D9-8307DE04EEE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update211:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0FC5A03-FF11-4787-BBF1-3ACF93A21F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update221:*:*:*:*:*:*\",\"matchCriteriaId\":\"19626B36-62FC-4497-A2E1-7D6CD9839B19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update231:*:*:*:*:*:*\",\"matchCriteriaId\":\"5713AEBD-35F6-44E8-A0CC-A42830D7AE20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update241:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BE0C04B-440E-4B35-ACC8-6264514F764C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"555EC2A6-0475-48ED-AE0C-B306714A9333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update251:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC1CF2AD-3F7A-4EF3-BD41-117A21553A9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update261:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C55E2E-AEDE-455C-B128-168C918B5D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update271:*:*:*:*:*:*\",\"matchCriteriaId\":\"81831D37-6597-441B-87DE-38F7191BEA42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update281:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA1594D-0AB5-436D-9E60-C26EE2175753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update291:*:*:*:*:*:*\",\"matchCriteriaId\":\"B868FA41-C71B-491C-880B-484740B30C72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C242D3BE-9114-4A9E-BB78-45754C7CC450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update301:*:*:*:*:*:*\",\"matchCriteriaId\":\"95954182-9541-4181-9647-B17FA5A79F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update311:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F6F0137-F91F-4028-BED2-C29640D52C23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update321:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAFB6B15-4AE6-47FC-8847-9DFADB7AE253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D61068FE-18EE-4ADB-BC69-A3ECE8724575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update40:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFB59E80-4EC4-4399-BF40-6733E4E475A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update45:*:*:*:*:*:*\",\"matchCriteriaId\":\"84E31265-22E1-4E91-BFCB-D2AFF445926A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB3A58C3-94BB-4120-BE1D-AAF8BBF7F22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update51:*:*:*:*:*:*\",\"matchCriteriaId\":\"50319E52-8739-47C5-B61E-3CA9B6A9A48F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update55:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ED515B9-DC74-4DC5-B98A-08D87D85E11E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D1D4868-1F9F-43F7-968C-6469B67D3F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update60:*:*:*:*:*:*\",\"matchCriteriaId\":\"568F1AC4-B0D7-4438-82E5-0E61500F2240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update65:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5E99B4A-EDAD-4471-81C4-7E9C775C9D9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update67:*:*:*:*:*:*\",\"matchCriteriaId\":\"14E9133E-9FF3-40DB-9A11-7469EF5FD265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"94834710-3FA9-49D9-8600-B514CBCA4270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update72:*:*:*:*:*:*\",\"matchCriteriaId\":\"4228D9E1-7D82-4B49-9669-9CDAD7187432\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update76:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6231F48-2936-4F7D-96D5-4BA11F78EBE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update80:*:*:*:*:*:*\",\"matchCriteriaId\":\"D96D5061-4A81-497E-9AD6-A8381B3B454C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update85:*:*:*:*:*:*\",\"matchCriteriaId\":\"5345C21E-A01B-43B9-9A20-F2783D921C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B219F360-83BD-4111-AB59-C9D4F55AF4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update91:*:*:*:*:*:*\",\"matchCriteriaId\":\"D25377EA-8E8F-4C76-8EA9-3BBDFB352815\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update95:*:*:*:*:*:*\",\"matchCriteriaId\":\"59FEFE05-269A-4EAF-A80F-E4C2107B1197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update97:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E2AA7C-F602-4DB7-9EC1-0708C46C253C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update99:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB70E154-A304-429E-80F5-8D87B00E32D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"70892D06-6E75-4425-BBF0-4B684EC62A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A165D71-71CC-4E6A-AA4F-FF8DB5B9A5AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7417B2BB-9AC2-4AF4-A828-C89A0735AD92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A0A57B5-6F88-4288-9CDE-F6613FE068D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"67ED8559-C348-4932-B7CE-CB96976A30EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"40AC3D91-263F-4345-9FAA-0E573EA64590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD92AFA9-81F8-48D4-B79A-E7F066F69A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4B2F24-A730-4818-90C8-A2D90C081F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"464087F2-C285-4574-957E-CE0663F07DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E9BB880-A4F6-4887-8BB9-47AA298753D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update101:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DCFF53-B298-4534-AB5C-8A5EF59C616F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update102:*:*:*:*:*:*\",\"matchCriteriaId\":\"083419F8-FDDF-4E36-88F8-857DB317C1D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7A74F65-57E8-4C9A-BA96-5EF401504F13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update111:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D0B90FC-57B6-4315-9B29-3C36E58B2CF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update112:*:*:*:*:*:*\",\"matchCriteriaId\":\"07812576-3C35-404C-A7D7-9BE9E3D76E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update121:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C52B1C-5447-4282-9667-9EBE0720B423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update131:*:*:*:*:*:*\",\"matchCriteriaId\":\"92BB9EB0-0C12-4E77-89EE-FB77097841B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update141:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF9D5DCE-2E8F-42B9-9038-AEA7E8C8CFFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABC0E7BB-F8B7-4369-9910-71240E4073A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update152:*:*:*:*:*:*\",\"matchCriteriaId\":\"551B2640-8CEC-4C24-AF8B-7A7CEF864D9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE30779-48FB-451E-8CE1-F469F93B8772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update162:*:*:*:*:*:*\",\"matchCriteriaId\":\"60590FDE-7156-4314-A012-AA38BD2ADDC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE51AD3A-8331-4E8F-9DB1-7A0051731DFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update172:*:*:*:*:*:*\",\"matchCriteriaId\":\"F24F6122-2256-41B6-9033-794C6424ED99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update181:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAFA79E-8C7A-48CF-8868-11378FE4B26F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update191:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D6F19F-59B5-4BB6-AD35-013384025970\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update192:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7BA97BC-3ADA-465A-835B-6C3C5F416B56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71F77A4-B7EB-47A1-AAFD-431A7D040B86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update201:*:*:*:*:*:*\",\"matchCriteriaId\":\"91D6BEA9-5943-44A4-946D-CEAA9BA99376\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update202:*:*:*:*:*:*\",\"matchCriteriaId\":\"C079A3E0-44EB-4B9C-B4FC-B7621D165C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update211:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CB74086-14B8-4237-8357-E0C6B5BB8313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update212:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ABED20A-7C34-4E86-9AFB-F4DC9ECBB3A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update221:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C2B9C9-1177-4DA6-96CE-55F37F383F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update222:*:*:*:*:*:*\",\"matchCriteriaId\":\"435CF189-0BD8-40DF-A0DC-99862CDEAF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update231:*:*:*:*:*:*\",\"matchCriteriaId\":\"12A3F367-33AD-47C3-BFDC-871A17E72C94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update232:*:*:*:*:*:*\",\"matchCriteriaId\":\"A18F994F-72CA-4AF5-A7D1-9F5AEA286D85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update241:*:*:*:*:*:*\",\"matchCriteriaId\":\"78261932-7373-4F16-91E0-1A72ADBEBC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update242:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD90D3D-9B3A-4101-9A8A-5090F0A9719F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"B38C0276-0EBD-4E0B-BFCF-4DDECACE04E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update252:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5A40B8A-D428-4008-9F21-AF21394C51D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update262:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEC5B777-01E1-45EE-AF95-C3BD1F098B2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update271:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B504718-5DCE-43B4-B19A-C6B6E7444BD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update281:*:*:*:*:*:*\",\"matchCriteriaId\":\"3102AA10-99A8-49A9-867E-7EEC56865680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update282:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A55CBC7-A7B2-4B89-8AB5-ED30DBE6814E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update291:*:*:*:*:*:*\",\"matchCriteriaId\":\"15BA8A26-2CDA-442B-A549-6BE92DCCD205\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update301:*:*:*:*:*:*\",\"matchCriteriaId\":\"56F2883B-6A1B-4081-8877-07AF3A73F6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update302:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C0742E-ACDD-4DB4-8A4C-B96702C8976C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update31:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8483034-DD5A-445D-892F-CDE90A7D58EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update312:*:*:*:*:*:*\",\"matchCriteriaId\":\"1716A5CD-1C32-4F19-9DDE-F9C7CCB6B420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update322:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAB4F663-BCAF-43DB-BCC3-24C060B0CBAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update332:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8EF5BB8-7DAF-49B0-A11E-14E89EF7377A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update40:*:*:*:*:*:*\",\"matchCriteriaId\":\"8279718F-878F-4868-8859-1728D13CD0D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update45:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C024E1A-FD2C-42E8-B227-C2AFD3040436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F24389D-DDD0-4204-AA24-31C920A4F47E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update51:*:*:*:*:*:*\",\"matchCriteriaId\":\"966979BE-1F21-4729-B6B8-610F74648344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update60:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8534265-33BF-460D-BF74-5F55FDE50F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update65:*:*:*:*:*:*\",\"matchCriteriaId\":\"F77AFC25-1466-4E56-9D5F-6988F3288E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update66:*:*:*:*:*:*\",\"matchCriteriaId\":\"A650BEB8-E56F-4E42-9361-8D2DB083F0F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update71:*:*:*:*:*:*\",\"matchCriteriaId\":\"799FFECD-E80A-44B3-953D-CDB5E195F3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update72:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7047507-7CAF-4A14-AA9A-5CEF806EDE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update73:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFC7B179-95D3-4F94-84F6-73F1034A1AF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update74:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FB28526-9385-44CA-AF08-1899E6C3AE4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update77:*:*:*:*:*:*\",\"matchCriteriaId\":\"E26B69E4-0B43-415F-A82B-52FDCB262B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update91:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BC4150-70EC-462B-8FC5-20B3442CBB31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update92:*:*:*:*:*:*\",\"matchCriteriaId\":\"02646989-ECD9-40AE-A83E-EFF4080C69B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56CBFC1F-C120-44F2-877A-C1C880AA89C4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF6650C-558D-45C8-AE7D-136EE70CB6D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCAA4004-9319-478C-9D55-0E8307F872F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:6.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4633C4-E552-439D-8FE4-139E3A7956CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:7.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50C77346-8893-44F0-B0D1-5D4D30A9CA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:8.62:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63E58DE0-A96A-452E-986F-3BD2FEA7C723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:11.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3FB1BF4-3FCF-4007-A9E3-97C35483D6A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:13.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD7A33EC-DE03-424F-9796-E5EA071FF6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:15.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCDAFFA9-0AA4-4C70-9154-8DA4BB255FD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:17.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6302149-28AA-481E-BC6C-87D05E73768A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:18.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DFD9D8-8648-40F7-81B8-04F852A337FA\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/5\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/6\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/18/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/04/8\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/07/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202401-25\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0009/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.debian.org/security/2022/dsa-5188\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5192\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5256\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/04/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/07/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202401-25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2022/dsa-5188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5192\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/5\", \"name\": \"[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/6\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/2\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/3\", \"name\": \"[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5188\", \"name\": \"DSA-5188\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5192\", \"name\": \"DSA-5192\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\", \"name\": \"FEDORA-2022-19b6f21746\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\", \"name\": \"FEDORA-2022-ae563934f7\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\", \"name\": \"FEDORA-2022-e573851f56\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\", \"name\": \"FEDORA-2022-d26586b419\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\", \"name\": \"FEDORA-2022-80afe2304a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\", \"name\": \"FEDORA-2022-b76ab52e73\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/2\", \"name\": \"[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5256\", \"name\": \"DSA-5256\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/04/8\", \"name\": \"[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/07/2\", \"name\": \"[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-25\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T08:16:17.277Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-34169\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-20T16:24:49.067251Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-681\", \"description\": \"CWE-681 Incorrect Conversion between Numeric Types\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-20T16:24:47.647Z\"}}], \"cna\": {\"title\": \"Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Reported by Felix Wilhelm, Google Project Zero\"}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Xalan-J\", \"versions\": [{\"status\": \"affected\", \"version\": \"Xalan-J\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.7.2\"}]}], \"references\": [{\"url\": \"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\"}, {\"url\": \"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/5\", \"name\": \"[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/6\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/2\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/3\", \"name\": \"[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5188\", \"name\": \"DSA-5188\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5192\", \"name\": \"DSA-5192\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0009/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\", \"name\": \"FEDORA-2022-19b6f21746\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\", \"name\": \"FEDORA-2022-ae563934f7\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\", \"name\": \"FEDORA-2022-e573851f56\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\", \"name\": \"FEDORA-2022-d26586b419\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\", \"name\": \"FEDORA-2022-80afe2304a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\", \"name\": \"FEDORA-2022-b76ab52e73\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/2\", \"name\": \"[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5256\", \"name\": \"DSA-5256\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/04/8\", \"name\": \"[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/07/2\", \"name\": \"[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-25\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"integer truncation\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-06-21T19:07:47.103Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-34169\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T12:51:15.955Z\", \"dateReserved\": \"2022-06-21T00:00:00.000Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2022-07-19T00:00:00.000Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

WID-SEC-W-2024-0899

Vulnerability from csaf_certbund - Published: 2024-04-16 22:00 - Updated: 2025-06-09 22:00

Summary

Oracle Fusion Middleware: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2019-0231

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2019-10172

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2019-13990

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2021-23369

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-1471

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-24329

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-25147

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-34169

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-34381

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-42003

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-45378

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-46337

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2022-48579

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-24021

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-2976

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-31122

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-33201

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-35116

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-35887

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-3635

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-37536

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-44487

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-46218

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-46589

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-48795

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-5072

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2023-52428

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-1597

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-20991

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-20992

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-21006

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-21007

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-21117

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-21118

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-21119

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-21120

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-23635

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

CVE-2024-26308

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Fusion Middleware 8.5.6 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.6`	8.5.6
Oracle Fusion Middleware 12.2.1.3.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.3.0`	12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:12.2.1.4.0`	12.2.1.4.0
Oracle Fusion Middleware 8.5.7 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:8.5.7`	8.5.7
Oracle Fusion Middleware 14.1.1.0.0 Oracle / Fusion Middleware	`cpe:/a:oracle:fusion_middleware:14.1.1.0.0`	14.1.1.0.0

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpuapr2024…	external
https://github.com/d3fudd/CVE-2024-21006_POC	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0899 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0899.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0899 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0899"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Fusion Middleware vom 2024-04-16",
        "url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixFMW"
      },
      {
        "category": "external",
        "summary": "PoC CVE-2024-21006 vom 2025-06-09",
        "url": "https://github.com/d3fudd/CVE-2024-21006_POC"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-09T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-10T06:12:15.168+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-0899",
      "initial_release_date": "2024-04-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-06-09T22:00:00.000+00:00",
          "number": "2",
          "summary": "PoC f\u00fcr CVE-2024-21006 aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12.2.1.3.0",
                "product": {
                  "name": "Oracle Fusion Middleware 12.2.1.3.0",
                  "product_id": "618028",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.2.1.4.0",
                "product": {
                  "name": "Oracle Fusion Middleware 12.2.1.4.0",
                  "product_id": "751674",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.1.1.0.0",
                "product": {
                  "name": "Oracle Fusion Middleware 14.1.1.0.0",
                  "product_id": "829576",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.5.6",
                "product": {
                  "name": "Oracle Fusion Middleware 8.5.6",
                  "product_id": "T024993",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:fusion_middleware:8.5.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.5.7",
                "product": {
                  "name": "Oracle Fusion Middleware 8.5.7",
                  "product_id": "T034057",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Fusion Middleware"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-0231",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2019-0231"
    },
    {
      "cve": "CVE-2019-10172",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2019-10172"
    },
    {
      "cve": "CVE-2019-13990",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2019-13990"
    },
    {
      "cve": "CVE-2021-23369",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2021-23369"
    },
    {
      "cve": "CVE-2022-1471",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-1471"
    },
    {
      "cve": "CVE-2022-24329",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-24329"
    },
    {
      "cve": "CVE-2022-25147",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-25147"
    },
    {
      "cve": "CVE-2022-34169",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-34381",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-34381"
    },
    {
      "cve": "CVE-2022-42003",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-42003"
    },
    {
      "cve": "CVE-2022-45378",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-45378"
    },
    {
      "cve": "CVE-2022-46337",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-46337"
    },
    {
      "cve": "CVE-2022-48579",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-48579"
    },
    {
      "cve": "CVE-2023-24021",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-24021"
    },
    {
      "cve": "CVE-2023-2976",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-31122",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-31122"
    },
    {
      "cve": "CVE-2023-33201",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-35116",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-35887",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-35887"
    },
    {
      "cve": "CVE-2023-3635",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-3635"
    },
    {
      "cve": "CVE-2023-37536",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-37536"
    },
    {
      "cve": "CVE-2023-44487",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-46218",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-46218"
    },
    {
      "cve": "CVE-2023-46589",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-48795",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-5072",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-52428",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-52428"
    },
    {
      "cve": "CVE-2024-1597",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-1597"
    },
    {
      "cve": "CVE-2024-20991",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-20991"
    },
    {
      "cve": "CVE-2024-20992",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-20992"
    },
    {
      "cve": "CVE-2024-21006",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21006"
    },
    {
      "cve": "CVE-2024-21007",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21007"
    },
    {
      "cve": "CVE-2024-21117",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21117"
    },
    {
      "cve": "CVE-2024-21118",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21118"
    },
    {
      "cve": "CVE-2024-21119",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21119"
    },
    {
      "cve": "CVE-2024-21120",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21120"
    },
    {
      "cve": "CVE-2024-23635",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-23635"
    },
    {
      "cve": "CVE-2024-26308",
      "product_status": {
        "known_affected": [
          "T024993",
          "618028",
          "751674",
          "T034057",
          "829576"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    }
  ]
}

WID-SEC-W-2024-1622

Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-07-16 22:00

Summary

Oracle Commerce: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Oracle Commerce ist eine elektronische Handelsplattform.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Commerce ausnutzen, um die Vertraulichkeit und Integrität zu gefährden.

Betroffene Betriebssysteme: - UNIX - Windows

CVE-2022-34169

In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Commerce 11.3.0 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.0`	11.3.0
Oracle Commerce 11.3.1 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.1`	11.3.1
Oracle Commerce 11.3.2 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.2`	11.3.2

CVE-2023-24998

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Commerce 11.3.0 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.0`	11.3.0
Oracle Commerce 11.3.1 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.1`	11.3.1
Oracle Commerce 11.3.2 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.2`	11.3.2

CVE-2024-22262

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Commerce 11.3.0 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.0`	11.3.0
Oracle Commerce 11.3.1 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.1`	11.3.1
Oracle Commerce 11.3.2 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.2`	11.3.2

CVE-2024-24549

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Commerce 11.3.0 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.0`	11.3.0
Oracle Commerce 11.3.1 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.1`	11.3.1
Oracle Commerce 11.3.2 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.2`	11.3.2

CVE-2024-28752

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Commerce 11.3.0 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.0`	11.3.0
Oracle Commerce 11.3.1 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.1`	11.3.1
Oracle Commerce 11.3.2 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.2`	11.3.2

CVE-2024-29025

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Commerce 11.3.0 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.0`	11.3.0
Oracle Commerce 11.3.1 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.1`	11.3.1
Oracle Commerce 11.3.2 Oracle / Commerce	`cpe:/a:oracle:commerce:11.3.2`	11.3.2

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2024…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Commerce ist eine elektronische Handelsplattform.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Commerce ausnutzen, um die Vertraulichkeit und Integrit\u00e4t zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1622 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1622.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1622 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1622"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Commerce vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixOCOM"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Commerce: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-16T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:11:21.987+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1622",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.3.0",
                "product": {
                  "name": "Oracle Commerce 11.3.0",
                  "product_id": "T018931",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:commerce:11.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "11.3.1",
                "product": {
                  "name": "Oracle Commerce 11.3.1",
                  "product_id": "T018932",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:commerce:11.3.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "11.3.2",
                "product": {
                  "name": "Oracle Commerce 11.3.2",
                  "product_id": "T018933",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:commerce:11.3.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Commerce"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T018931",
          "T018932",
          "T018933"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2023-24998",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T018931",
          "T018932",
          "T018933"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T018931",
          "T018932",
          "T018933"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T018931",
          "T018932",
          "T018933"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-28752",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T018931",
          "T018932",
          "T018933"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28752"
    },
    {
      "cve": "CVE-2024-29025",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T018931",
          "T018932",
          "T018933"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29025"
    }
  ]
}

WID-SEC-W-2024-1642

Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-11-20 23:00

Summary

Oracle Communications: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2019-10086

In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2021-29425

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2021-37533

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2021-41184

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2022-34169

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2022-36033

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2022-42890

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2022-48174

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-24998

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-33201

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-37920

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-44487

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-46589

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-48795

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-51775

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-52425

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2023-5685

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-0450

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-22019

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-22201

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-22234

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-22257

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-22262

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-23672

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-23807

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-23897

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-24549

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-25062

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-25710

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-26130

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-26308

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-27316

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-28182

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-28752

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-28849

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-29025

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-2961

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-34064

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-34069

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

CVE-2024-6162

Affected products

Known affected 21 products

Product	Identifier	Version
Oracle Communications 12.11.0 Oracle / Communications	`cpe:/a:oracle:communications:12.11.0`	12.11.0
Oracle Communications 4.1.0 Oracle / Communications	`cpe:/a:oracle:communications:4.1.0`	4.1.0
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Communications 4.2.0 Oracle / Communications	`cpe:/a:oracle:communications:4.2.0`	4.2.0
Oracle Communications 9.2.0 Oracle / Communications	`cpe:/a:oracle:communications:9.2.0`	9.2.0
Oracle Communications 9.3.0 Oracle / Communications	`cpe:/a:oracle:communications:9.3.0`	9.3.0
Oracle Communications 23.4.1 Oracle / Communications	`cpe:/a:oracle:communications:23.4.1`	23.4.1
Oracle Communications 12.11.3 Oracle / Communications	`cpe:/a:oracle:communications:12.11.3`	12.11.3
Oracle Communications 12.11.4 Oracle / Communications	`cpe:/a:oracle:communications:12.11.4`	12.11.4
Oracle Communications 10.5 Oracle / Communications	`cpe:/a:oracle:communications:10.5`	10.5
Oracle Communications 24.2.0 Oracle / Communications	`cpe:/a:oracle:communications:24.2.0`	24.2.0
Oracle Communications 5.2 Oracle / Communications	`cpe:/a:oracle:communications:5.2`	5.2
Oracle Communications 24.1.0 Oracle / Communications	`cpe:/a:oracle:communications:24.1.0`	24.1.0
Oracle Communications 46.6.4 Oracle / Communications	`cpe:/a:oracle:communications:46.6.4`	46.6.4
Oracle Communications 23.4.2 Oracle / Communications	`cpe:/a:oracle:communications:23.4.2`	23.4.2
Oracle Communications 46.6.5 Oracle / Communications	`cpe:/a:oracle:communications:46.6.5`	46.6.5
Oracle Communications 15.0.0.0.0 Oracle / Communications	`cpe:/a:oracle:communications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications 23.4.0 Oracle / Communications	`cpe:/a:oracle:communications:23.4.0`	23.4.0
Oracle Communications 23.1.0 Oracle / Communications	`cpe:/a:oracle:communications:23.1.0`	23.1.0
Oracle Communications 12.6.1.0.0 Oracle / Communications	`cpe:/a:oracle:communications:12.6.1.0.0`	12.6.1.0.0
Oracle Communications 5.1 Oracle / Communications	`cpe:/a:oracle:communications:5.1`	5.1

Last affected 5 products

Product	Identifier	Version	Remediation
Oracle Communications <=23.4.3 Oracle / Communications		<=23.4.3
Oracle Communications <=23.4.4 Oracle / Communications		<=23.4.4
Oracle Communications <=8.6.0.6 Oracle / Communications		<=8.6.0.6
Oracle Communications <=8.6.0.8 Oracle / Communications		<=8.6.0.8
Oracle Communications <=9.0.3 Oracle / Communications		<=9.0.3

References

6 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2024…	external
https://access.redhat.com/errata/RHSA-2024:6016	external
https://access.redhat.com/errata/RHSA-2024:9975	external
https://access.redhat.com/errata/RHSA-2024:9976	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1642 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1642.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1642 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1642"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Communications vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixCGBU"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6016 vom 2024-09-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:6016"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9975 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9975"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9976 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9976"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-20T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-21T13:09:50.776+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-1642",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-09-05T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "23.1.0",
                "product": {
                  "name": "Oracle Communications 23.1.0",
                  "product_id": "T027326",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.6.1.0.0",
                "product": {
                  "name": "Oracle Communications 12.6.1.0.0",
                  "product_id": "T027338",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.6.1.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.1",
                "product": {
                  "name": "Oracle Communications 5.1",
                  "product_id": "T028684",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.0.0.0",
                "product": {
                  "name": "Oracle Communications 15.0.0.0.0",
                  "product_id": "T032090",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:15.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.0",
                "product": {
                  "name": "Oracle Communications 23.4.0",
                  "product_id": "T032091",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.1",
                "product": {
                  "name": "Oracle Communications 23.4.1",
                  "product_id": "T034143",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.2",
                "product": {
                  "name": "Oracle Communications 23.4.2",
                  "product_id": "T034144",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0",
                "product": {
                  "name": "Oracle Communications 24.1.0",
                  "product_id": "T034145",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.2",
                "product": {
                  "name": "Oracle Communications 5.2",
                  "product_id": "T034146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.3",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.3",
                  "product_id": "T036195"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.3",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.3",
                  "product_id": "T036195-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.4",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.4",
                  "product_id": "T036196"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.4",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.4",
                  "product_id": "T036196-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "24.2.0",
                "product": {
                  "name": "Oracle Communications 24.2.0",
                  "product_id": "T036197",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.2.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.8",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.8",
                  "product_id": "T036198"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.8",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.8",
                  "product_id": "T036198-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "46.6.4",
                "product": {
                  "name": "Oracle Communications 46.6.4",
                  "product_id": "T036199",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:46.6.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "46.6.5",
                "product": {
                  "name": "Oracle Communications 46.6.5",
                  "product_id": "T036200",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:46.6.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.3",
                "product": {
                  "name": "Oracle Communications 12.11.3",
                  "product_id": "T036201",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.4",
                "product": {
                  "name": "Oracle Communications 12.11.4",
                  "product_id": "T036202",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.6",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.6",
                  "product_id": "T036203"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.6",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.6",
                  "product_id": "T036203-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "10.5",
                "product": {
                  "name": "Oracle Communications 10.5",
                  "product_id": "T036204",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:10.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.1.0",
                "product": {
                  "name": "Oracle Communications 4.1.0",
                  "product_id": "T036205",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:4.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.2.0",
                "product": {
                  "name": "Oracle Communications 4.2.0",
                  "product_id": "T036206",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:4.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.2.0",
                "product": {
                  "name": "Oracle Communications 9.2.0",
                  "product_id": "T036207",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.3.0",
                "product": {
                  "name": "Oracle Communications 9.3.0",
                  "product_id": "T036208",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.0",
                "product": {
                  "name": "Oracle Communications 12.11.0",
                  "product_id": "T036209",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.3",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.3",
                  "product_id": "T036210"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.3",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.3",
                  "product_id": "T036210-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Communications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10086",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2019-10086"
    },
    {
      "cve": "CVE-2021-29425",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-29425"
    },
    {
      "cve": "CVE-2021-37533",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-37533"
    },
    {
      "cve": "CVE-2021-41184",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-41184"
    },
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-36033",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-36033"
    },
    {
      "cve": "CVE-2022-42890",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-42890"
    },
    {
      "cve": "CVE-2022-48174",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-48174"
    },
    {
      "cve": "CVE-2023-24998",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-33201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-37920",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-37920"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51775",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-52425",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-5685",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2024-0450",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-22019",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22019"
    },
    {
      "cve": "CVE-2024-22201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22234",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22234"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-23807",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-23897",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23897"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25710",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-25710"
    },
    {
      "cve": "CVE-2024-26130",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-27316",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-27316"
    },
    {
      "cve": "CVE-2024-28182",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28752",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28752"
    },
    {
      "cve": "CVE-2024-28849",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-2961",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-2961"
    },
    {
      "cve": "CVE-2024-34064",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34069",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-34069"
    },
    {
      "cve": "CVE-2024-6162",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-6162"
    }
  ]
}

WID-SEC-W-2024-1652

Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-07-16 22:00

Summary

Oracle Supply Chain: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - Windows

CVE-2022-34169

In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2

Last affected 2 products

Product	Identifier	Version	Remediation
Oracle Supply Chain <=6.2.1.7 Oracle / Supply Chain		<=6.2.1.7
Oracle Supply Chain <=6.2.1.9 Oracle / Supply Chain		<=6.2.1.9

CVE-2023-24998

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2

Last affected 2 products

Product	Identifier	Version	Remediation
Oracle Supply Chain <=6.2.1.7 Oracle / Supply Chain		<=6.2.1.7
Oracle Supply Chain <=6.2.1.9 Oracle / Supply Chain		<=6.2.1.9

CVE-2023-37536

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2

Last affected 2 products

Product	Identifier	Version	Remediation
Oracle Supply Chain <=6.2.1.7 Oracle / Supply Chain		<=6.2.1.7
Oracle Supply Chain <=6.2.1.9 Oracle / Supply Chain		<=6.2.1.9

CVE-2023-44487

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2

Last affected 2 products

Product	Identifier	Version	Remediation
Oracle Supply Chain <=6.2.1.7 Oracle / Supply Chain		<=6.2.1.7
Oracle Supply Chain <=6.2.1.9 Oracle / Supply Chain		<=6.2.1.9

CVE-2023-46589

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2

Last affected 2 products

Product	Identifier	Version	Remediation
Oracle Supply Chain <=6.2.1.7 Oracle / Supply Chain		<=6.2.1.7
Oracle Supply Chain <=6.2.1.9 Oracle / Supply Chain		<=6.2.1.9

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2024…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Die Oracle Supply Chain ist eine Sammlung von Applikationen f\u00fcr verschiedene Zwecke.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1652 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1652.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1652 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1652"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Supply Chain vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixSCP"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Supply Chain: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-16T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:11:29.832+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1652",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "21.0.2",
                "product": {
                  "name": "Oracle Supply Chain 21.0.2",
                  "product_id": "T020726",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:supply_chain:21.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=6.2.1.9",
                "product": {
                  "name": "Oracle Supply Chain \u003c=6.2.1.9",
                  "product_id": "T036248"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=6.2.1.7",
                "product": {
                  "name": "Oracle Supply Chain \u003c=6.2.1.7",
                  "product_id": "T036249"
                }
              }
            ],
            "category": "product_name",
            "name": "Supply Chain"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T020726"
        ],
        "last_affected": [
          "T036249",
          "T036248"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2023-24998",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T020726"
        ],
        "last_affected": [
          "T036249",
          "T036248"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-37536",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T020726"
        ],
        "last_affected": [
          "T036249",
          "T036248"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-37536"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T020726"
        ],
        "last_affected": [
          "T036249",
          "T036248"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T020726"
        ],
        "last_affected": [
          "T036249",
          "T036248"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    }
  ]
}

WID-SEC-W-2024-1653

Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-07-16 22:00

Summary

Oracle Siebel CRM: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Siebel CRM ist eine CRM-Lösung von Oracle.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - Windows

CVE-2021-36090

In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2022-34169

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2022-37434

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2022-42003

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-22081

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-33201

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-41105

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-46589

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-47627

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-5072

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-5678

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

CVE-2023-5764

Affected products

Last affected 9 products

Product	Identifier	Version	Remediation
Oracle Siebel CRM <=22.12 Oracle / Siebel CRM		<=22.12
Oracle Siebel CRM <=23.12 Oracle / Siebel CRM		<=23.12
Oracle Siebel CRM <=23.11 Oracle / Siebel CRM		<=23.11
Oracle Siebel CRM <=22.3 Oracle / Siebel CRM		<=22.3
Oracle Siebel CRM <=24.4 Oracle / Siebel CRM		<=24.4
Oracle Siebel CRM <=24.6 Oracle / Siebel CRM		<=24.6
Oracle Siebel CRM <=24.2 Oracle / Siebel CRM		<=24.2
Oracle Siebel CRM <=24.3 Oracle / Siebel CRM		<=24.3
Oracle Siebel CRM <=24.1 Oracle / Siebel CRM		<=24.1

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2024…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Siebel CRM ist eine CRM-L\u00f6sung von Oracle.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1653 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1653.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1653 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1653"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Siebel CRM vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixSECR"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Siebel CRM: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-16T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:11:30.064+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1653",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=22.12",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=22.12",
                  "product_id": "T028728"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.12",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=23.12",
                  "product_id": "T032128"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.2",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=24.2",
                  "product_id": "T034189"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.6",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=24.6",
                  "product_id": "T036242"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.3",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=24.3",
                  "product_id": "T036243"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.1",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=24.1",
                  "product_id": "T036244"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.11",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=23.11",
                  "product_id": "T036245"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=22.3",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=22.3",
                  "product_id": "T036246"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.4",
                "product": {
                  "name": "Oracle Siebel CRM \u003c=24.4",
                  "product_id": "T036247"
                }
              }
            ],
            "category": "product_name",
            "name": "Siebel CRM"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-36090",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-36090"
    },
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-37434",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-42003",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-42003"
    },
    {
      "cve": "CVE-2023-22081",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-22081"
    },
    {
      "cve": "CVE-2023-33201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-41105",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-41105"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-47627",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-47627"
    },
    {
      "cve": "CVE-2023-5072",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-5678",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5764",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "last_affected": [
          "T028728",
          "T032128",
          "T036245",
          "T036246",
          "T036247",
          "T036242",
          "T034189",
          "T036243",
          "T036244"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-5764"
    }
  ]
}

WID-SEC-W-2024-1659

Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-07-16 22:00

Summary

Oracle Insurance Applications: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Oracle Insurance Applications ist eine Produktfamilie mit Lösungen für die Versicherungsbranche.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Insurance Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2020-13956

In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL-HOCH" für die Schadenshöhe.

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2022-34169

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2023-21036

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2023-29081

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2024-22257

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2024-22262

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2024-23635

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

CVE-2024-26308

Affected products

Known affected 3 products

Product	Identifier	Version
Oracle Insurance Applications 11.2.12 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:11.2.12`	11.2.12
Oracle Insurance Applications 12.7.1 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.7.1`	12.7.1
Oracle Insurance Applications 12.6.4 Oracle / Insurance Applications	`cpe:/a:oracle:insurance_applications:12.6.4`	12.6.4

Last affected 1 product

Product	Identifier	Version	Remediation
Oracle Insurance Applications <=11.3.2 Oracle / Insurance Applications		<=11.3.2

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2024…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Insurance Applications ist eine Produktfamilie mit L\u00f6sungen f\u00fcr die Versicherungsbranche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Insurance Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1659 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1659.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1659 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1659"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Insurance Applications vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixINSU"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Insurance Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-16T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:11:32.285+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1659",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12.6.4",
                "product": {
                  "name": "Oracle Insurance Applications 12.6.4",
                  "product_id": "T020709",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:insurance_applications:12.6.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.7.1",
                "product": {
                  "name": "Oracle Insurance Applications 12.7.1",
                  "product_id": "T028713",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:insurance_applications:12.7.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "11.2.12",
                "product": {
                  "name": "Oracle Insurance Applications 11.2.12",
                  "product_id": "T036227",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:insurance_applications:11.2.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=11.3.2",
                "product": {
                  "name": "Oracle Insurance Applications \u003c=11.3.2",
                  "product_id": "T036228"
                }
              }
            ],
            "category": "product_name",
            "name": "Insurance Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-13956",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2020-13956"
    },
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2023-21036",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-21036"
    },
    {
      "cve": "CVE-2023-29081",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-29081"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23635",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23635"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Insurance Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036227",
          "T028713",
          "T020709"
        ],
        "last_affected": [
          "T036228"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    }
  ]
}

WID-SEC-W-2025-0144

Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-01-21 23:00

Summary

Oracle Financial Services Applications: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2022-34169

In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-26031

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-33201

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-39410

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-44483

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-48795

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-51074

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2023-52070

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-28219

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-34064

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-34750

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-35195

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-38819

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-38827

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2024-45492

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

CVE-2025-21550

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.6`	8.1.2.6
Oracle Financial Services Applications 14.7.5.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.5.0.0`	14.7.5.0.0
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0`	14.4.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 8.1.2.7 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7`	8.1.2.7
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 8.1.3.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.3.0`	8.1.3.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujan2025…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Financial Services ist eine Zusammenstellung  von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0144 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0144.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0144 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0144"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - January 2025 - Appendix Oracle Financial Services Applications vom 2025-01-21",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixIFLX"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-21T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-22T09:43:52.607+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0144",
      "initial_release_date": "2025-01-21T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-21T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.0.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8",
                  "product_id": "T021677",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.1",
                  "product_id": "T022844",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.5",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.5",
                  "product_id": "T028706",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.6",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.6",
                  "product_id": "T032104",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7",
                  "product_id": "T036217",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.8",
                  "product_id": "T038392",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.7.5.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.7.5.0.0",
                  "product_id": "T038393",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.7.5.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7.8",
                  "product_id": "T040464",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.6",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.6",
                  "product_id": "T040465",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.3.0",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.3.0",
                  "product_id": "T040466",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.9.0.0.0-7.0.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0",
                  "product_id": "T040516",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.4.0.0.0-14.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0",
                  "product_id": "T040517",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Financial Services Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2023-26031",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-33201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-39410",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-44483",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52070",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-52070"
    },
    {
      "cve": "CVE-2024-28219",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-34064",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34750",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-35195",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-38819",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38827",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-45492",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2025-21550",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T021677",
          "T022844",
          "T032104",
          "T038393",
          "T040517",
          "T028706",
          "T036217",
          "T040516",
          "T038392",
          "T040466",
          "T040465",
          "T040464"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2025-21550"
    }
  ]
}

WID-SEC-W-2025-1563

Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00

Summary

Oracle Supply Chain: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2021-42575

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Supply Chain 6.2.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:6.2.1`	6.2.1
Oracle Supply Chain 3.6.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:3.6.1`	3.6.1
Oracle Supply Chain 9.3.6 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:9.3.6`	9.3.6
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2
Oracle Supply Chain 21.1.0 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.1.0`	21.1.0

CVE-2022-34169

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Supply Chain 6.2.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:6.2.1`	6.2.1
Oracle Supply Chain 3.6.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:3.6.1`	3.6.1
Oracle Supply Chain 9.3.6 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:9.3.6`	9.3.6
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2
Oracle Supply Chain 21.1.0 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.1.0`	21.1.0

CVE-2024-22201

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Supply Chain 6.2.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:6.2.1`	6.2.1
Oracle Supply Chain 3.6.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:3.6.1`	3.6.1
Oracle Supply Chain 9.3.6 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:9.3.6`	9.3.6
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2
Oracle Supply Chain 21.1.0 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.1.0`	21.1.0

CVE-2024-47554

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Supply Chain 6.2.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:6.2.1`	6.2.1
Oracle Supply Chain 3.6.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:3.6.1`	3.6.1
Oracle Supply Chain 9.3.6 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:9.3.6`	9.3.6
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2
Oracle Supply Chain 21.1.0 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.1.0`	21.1.0

CVE-2025-27363

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Supply Chain 6.2.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:6.2.1`	6.2.1
Oracle Supply Chain 3.6.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:3.6.1`	3.6.1
Oracle Supply Chain 9.3.6 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:9.3.6`	9.3.6
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2
Oracle Supply Chain 21.1.0 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.1.0`	21.1.0

CVE-2025-31651

Affected products

Known affected 5 products

Product	Identifier	Version
Oracle Supply Chain 6.2.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:6.2.1`	6.2.1
Oracle Supply Chain 3.6.1 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:3.6.1`	3.6.1
Oracle Supply Chain 9.3.6 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:9.3.6`	9.3.6
Oracle Supply Chain 21.0.2 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.0.2`	21.0.2
Oracle Supply Chain 21.1.0 Oracle / Supply Chain	`cpe:/a:oracle:supply_chain:21.1.0`	21.1.0

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2025…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Die Oracle Supply Chain ist eine Sammlung von Applikationen f\u00fcr verschiedene Zwecke.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1563 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1563.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1563 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1563"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Supply Chain vom 2025-07-15",
        "url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixSCP"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Supply Chain: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-07-15T22:00:00.000+00:00",
      "generator": {
        "date": "2025-07-16T08:31:56.339+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1563",
      "initial_release_date": "2025-07-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9.3.6",
                "product": {
                  "name": "Oracle Supply Chain 9.3.6",
                  "product_id": "T019052",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:supply_chain:9.3.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "21.0.2",
                "product": {
                  "name": "Oracle Supply Chain 21.0.2",
                  "product_id": "T020726",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:supply_chain:21.0.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.6.1",
                "product": {
                  "name": "Oracle Supply Chain 3.6.1",
                  "product_id": "T021722",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:supply_chain:3.6.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "21.1.0",
                "product": {
                  "name": "Oracle Supply Chain 21.1.0",
                  "product_id": "T038411",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:supply_chain:21.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.2.1",
                "product": {
                  "name": "Oracle Supply Chain 6.2.1",
                  "product_id": "T040481",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:supply_chain:6.2.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Supply Chain"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-42575",
      "product_status": {
        "known_affected": [
          "T040481",
          "T021722",
          "T019052",
          "T020726",
          "T038411"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2021-42575"
    },
    {
      "cve": "CVE-2022-34169",
      "product_status": {
        "known_affected": [
          "T040481",
          "T021722",
          "T019052",
          "T020726",
          "T038411"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2024-22201",
      "product_status": {
        "known_affected": [
          "T040481",
          "T021722",
          "T019052",
          "T020726",
          "T038411"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-47554",
      "product_status": {
        "known_affected": [
          "T040481",
          "T021722",
          "T019052",
          "T020726",
          "T038411"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2025-27363",
      "product_status": {
        "known_affected": [
          "T040481",
          "T021722",
          "T019052",
          "T020726",
          "T038411"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-27363"
    },
    {
      "cve": "CVE-2025-31651",
      "product_status": {
        "known_affected": [
          "T040481",
          "T021722",
          "T019052",
          "T020726",
          "T038411"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-31651"
    }
  ]
}

WID-SEC-W-2025-1565

Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00

Summary

Oracle Retail Applications: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Oracle Retail Applications ist eine Sammlung von Produkten zur Unterstützung u. a. von Handelsfirmen und der Gastronomie.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - Sonstiges - UNIX - Windows

CVE-2022-34169

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2024-38819

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2024-47072

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2024-47554

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2024-6763

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2025-24970

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2025-31651

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

CVE-2025-48734

Affected products

Known affected 15 products

Product	Identifier	Version
Oracle Retail Applications 23.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.0`	23.0.0
Oracle Retail Applications 24.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:24.0.1`	24.0.1
Oracle Retail Applications 16.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:16.0.3`	16.0.3
Oracle Retail Applications 19.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:19.0.1`	19.0.1
Oracle Retail Applications 21.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.0`	21.0.0
Oracle Retail Applications 13.2.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:13.2.5`	13.2.5
Oracle Retail Applications 20.0.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.1`	20.0.1
Oracle Retail Applications 20.0.5 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:20.0.5`	20.0.5
Oracle Retail Applications 14.1.3.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:14.1.3.2`	14.1.3.2
Oracle Retail Applications 21.0.4 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:21.0.4`	21.0.4
Oracle Retail Applications 22.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.2`	22.0.2
Oracle Retail Applications 15.0.3 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3`	15.0.3
Oracle Retail Applications 23.0.2 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:23.0.2`	23.0.2
Oracle Retail Applications 22.0.0 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:22.0.0`	22.0.0
Oracle Retail Applications 15.0.3.1 Oracle / Retail Applications	`cpe:/a:oracle:retail_applications:15.0.3.1`	15.0.3.1

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2025…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Retail Applications ist eine Sammlung von Produkten zur Unterst\u00fctzung u. a.  von Handelsfirmen und der Gastronomie.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1565 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1565.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1565 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1565"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Retail Applications vom 2025-07-15",
        "url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixRAPP"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Retail Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-07-15T22:00:00.000+00:00",
      "generator": {
        "date": "2025-07-16T08:31:56.910+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1565",
      "initial_release_date": "2025-07-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "16.0.3",
                "product": {
                  "name": "Oracle Retail Applications 16.0.3",
                  "product_id": "T019034",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:16.0.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "19.0.1",
                "product": {
                  "name": "Oracle Retail Applications 19.0.1",
                  "product_id": "T019038",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:19.0.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.3.1",
                "product": {
                  "name": "Oracle Retail Applications 15.0.3.1",
                  "product_id": "T019909",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:15.0.3.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.1.3.2",
                "product": {
                  "name": "Oracle Retail Applications 14.1.3.2",
                  "product_id": "T019910",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:14.1.3.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "20.0.1",
                "product": {
                  "name": "Oracle Retail Applications 20.0.1",
                  "product_id": "T019911",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:20.0.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.3",
                "product": {
                  "name": "Oracle Retail Applications 15.0.3",
                  "product_id": "T020721",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:15.0.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "21.0.0",
                "product": {
                  "name": "Oracle Retail Applications 21.0.0",
                  "product_id": "T022878",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:21.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "13.2.5",
                "product": {
                  "name": "Oracle Retail Applications 13.2.5",
                  "product_id": "T023957",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:13.2.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.0.0",
                "product": {
                  "name": "Oracle Retail Applications 22.0.0",
                  "product_id": "T030616",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:22.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.0.0",
                "product": {
                  "name": "Oracle Retail Applications 23.0.0",
                  "product_id": "T032127",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:23.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "20.0.5",
                "product": {
                  "name": "Oracle Retail Applications 20.0.5",
                  "product_id": "T042831",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:20.0.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "21.0.4",
                "product": {
                  "name": "Oracle Retail Applications 21.0.4",
                  "product_id": "T042832",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:21.0.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.0.2",
                "product": {
                  "name": "Oracle Retail Applications 22.0.2",
                  "product_id": "T042833",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:22.0.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.0.2",
                "product": {
                  "name": "Oracle Retail Applications 23.0.2",
                  "product_id": "T042834",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:23.0.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.0.1",
                "product": {
                  "name": "Oracle Retail Applications 24.0.1",
                  "product_id": "T042835",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:retail_applications:24.0.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Retail Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34169",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2024-38819",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-47072",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-47072"
    },
    {
      "cve": "CVE-2024-47554",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-6763",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2024-6763"
    },
    {
      "cve": "CVE-2025-24970",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-24970"
    },
    {
      "cve": "CVE-2025-31651",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-31651"
    },
    {
      "cve": "CVE-2025-48734",
      "product_status": {
        "known_affected": [
          "T032127",
          "T042835",
          "T019034",
          "T019038",
          "T022878",
          "T023957",
          "T019911",
          "T042831",
          "T019910",
          "T042832",
          "T042833",
          "T020721",
          "T042834",
          "T030616",
          "T019909"
        ]
      },
      "release_date": "2025-07-15T22:00:00.000+00:00",
      "title": "CVE-2025-48734"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-34169 (GCVE-0-2022-34169)

Tags

Sightings

Nomenclature