Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-38820 (GCVE-0-2024-38820)
Vulnerability from cvelistv5 – Published: 2024-10-18 05:39 – Updated: 2024-11-29 12:04
VLAI
EPSS
Title
CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception
Summary
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-178 - Improper Handling of Case Sensitivity
Assigner
References
2 references
Impacted products
Date Public
2024-10-17 05:32
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T16:33:48.971617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-178",
"description": "CWE-178 Improper Handling of Case Sensitivity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T20:15:24.631Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-29T12:04:41.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20241129-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "Spring Framework",
"product": "Spring",
"vendor": "VMware",
"versions": [
{
"lessThan": "5.3.41",
"status": "affected",
"version": "5.3.x",
"versionType": "Enterprise Support Only"
},
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0.x",
"versionType": "Enterprise Support Only"
},
{
"lessThan": "6.1.14",
"status": "affected",
"version": "6.1.x",
"versionType": "OSS"
}
]
}
],
"datePublic": "2024-10-17T05:32:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe fix for CVE-2022-22968 made \u003ccode\u003edisallowedFields\u003c/code\u003e\u0026nbsp;patterns in \u003ccode\u003eDataBinder\u003c/code\u003e\u0026nbsp;case insensitive. However, \u003ccode\u003eString.toLowerCase()\u003c/code\u003e\u0026nbsp;has some Locale dependent exceptions that could potentially result in fields not protected as expected.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T05:39:05.275Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-38820"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38820",
"datePublished": "2024-10-18T05:39:05.275Z",
"dateReserved": "2024-06-19T22:32:06.583Z",
"dateUpdated": "2024-11-29T12:04:41.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-38820",
"date": "2026-06-05",
"epss": "0.01514",
"percentile": "0.81571"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-38820\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-10-18T06:15:03.333\",\"lastModified\":\"2024-11-29T12:15:07.007\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\"},{\"lang\":\"es\",\"value\":\"La correcci\u00f3n de CVE-2022-22968 hizo que los patrones disallowedFields en DataBinder no distingan entre may\u00fasculas y min\u00fasculas. Sin embargo, String.toLowerCase() tiene algunas excepciones dependientes de la configuraci\u00f3n regional que podr\u00edan generar campos no protegidos como se esperaba.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-178\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3.0\",\"versionEndExcluding\":\"5.3.41\",\"matchCriteriaId\":\"CF21F5D2-C4C5-4F24-AC72-D035237FF88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.25\",\"matchCriteriaId\":\"39D2699C-C6AD-4D79-A35B-2D273FA1C97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.0\",\"versionEndExcluding\":\"6.1.14\",\"matchCriteriaId\":\"34886C2E-A108-48D6-9536-D33EF3C90A0A\"}]}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2024-38820\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20241129-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20241129-0003/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-11-29T12:04:41.387Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38820\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-18T16:33:48.971617Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-178\", \"description\": \"CWE-178 Improper Handling of Case Sensitivity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-18T16:33:52.621Z\"}}], \"cna\": {\"title\": \"CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"VMware\", \"product\": \"Spring\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.3.x\", \"lessThan\": \"5.3.41\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"6.0.x\", \"lessThan\": \"6.0.25\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"6.1.x\", \"lessThan\": \"6.1.14\", \"versionType\": \"OSS\"}], \"packageName\": \"Spring Framework\", \"defaultStatus\": \"affected\"}], \"datePublic\": \"2024-10-17T05:32:00.000Z\", \"references\": [{\"url\": \"https://spring.io/security/cve-2024-38820\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The fix for CVE-2022-22968 made disallowedFields\\u00a0patterns in DataBinder\\u00a0case insensitive. However, String.toLowerCase()\\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe fix for CVE-2022-22968 made \u003ccode\u003edisallowedFields\u003c/code\u003e\u0026nbsp;patterns in \u003ccode\u003eDataBinder\u003c/code\u003e\u0026nbsp;case insensitive. However, \u003ccode\u003eString.toLowerCase()\u003c/code\u003e\u0026nbsp;has some Locale dependent exceptions that could potentially result in fields not protected as expected.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-10-18T05:39:05.275Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-38820\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-29T12:04:41.387Z\", \"dateReserved\": \"2024-06-19T22:32:06.583Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-10-18T05:39:05.275Z\", \"assignerShortName\": \"vmware\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2024-3237
Vulnerability from csaf_certbund - Published: 2024-10-17 22:00 - Updated: 2025-11-30 23:00Summary
VMware Tanzu Spring Framework: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Spring Framework bietet ein Entwicklungsmodell für Java mit Infrastrukturunterstützung auf Anwendungsebene.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware Tanzu Spring Framework <6.0.25
VMware Tanzu / Spring Framework
|
<6.0.25 | ||
|
VMware Tanzu Spring Framework <6.1.14
VMware Tanzu / Spring Framework
|
<6.1.14 | ||
|
Hitachi Ops Center
Hitachi / Ops Center
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Dell NetWorker <19.13
Dell / NetWorker
|
<19.13 | ||
|
Adobe Experience Manager Forms <6.5.22.0 (AEMForms-6.5.0-0095)
Adobe / Experience Manager Forms
|
<6.5.22.0 (AEMForms-6.5.0-0095) | ||
|
RealObjects PDFreactor <12.0.1
RealObjects / PDFreactor
|
<12.0.1 | ||
|
IBM Operational Decision Manager
IBM
|
cpe:/a:ibm:operational_decision_manager:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Hitachi Ops Center <11.0.4-00
Hitachi / Ops Center
|
<11.0.4-00 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 | ||
|
Atlassian Confluence <9.2.0 (LTS)
Atlassian / Confluence
|
<9.2.0 (LTS) | ||
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
Atlassian Bitbucket Data Center <8.9.24 (LTS)
Atlassian / Bitbucket
|
Data Center <8.9.24 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.2 (LTS)
Atlassian / Bitbucket
|
Data Center <9.4.2 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.5.0
Atlassian / Bitbucket
|
Data Center <9.5.0 | ||
|
Atlassian Confluence <7.19.30
Atlassian / Confluence
|
<7.19.30 | ||
|
Red Hat Integration Camel for Spring Boot 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_for_spring_boot_1
|
Camel for Spring Boot 1 | |
|
Atlassian Confluence <8.5.18
Atlassian / Confluence
|
<8.5.18 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
VMware Tanzu Spring Framework <5.3.41
VMware Tanzu / Spring Framework
|
<5.3.41 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Atlassian Confluence <7.19.30 (LTS)
Atlassian / Confluence
|
<7.19.30 (LTS) | ||
|
Atlassian Confluence <8.5.18 (LTS)
Atlassian / Confluence
|
<8.5.18 (LTS) | ||
|
SolarWinds Security Event Manager <2025.4
SolarWinds / Security Event Manager
|
<2025.4 |
Affected products
Known affected
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware Tanzu Spring Framework <6.0.25
VMware Tanzu / Spring Framework
|
<6.0.25 | ||
|
VMware Tanzu Spring Framework <6.1.14
VMware Tanzu / Spring Framework
|
<6.1.14 | ||
|
Hitachi Ops Center
Hitachi / Ops Center
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Dell NetWorker <19.13
Dell / NetWorker
|
<19.13 | ||
|
Adobe Experience Manager Forms <6.5.22.0 (AEMForms-6.5.0-0095)
Adobe / Experience Manager Forms
|
<6.5.22.0 (AEMForms-6.5.0-0095) | ||
|
RealObjects PDFreactor <12.0.1
RealObjects / PDFreactor
|
<12.0.1 | ||
|
IBM Operational Decision Manager
IBM
|
cpe:/a:ibm:operational_decision_manager:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Hitachi Ops Center <11.0.4-00
Hitachi / Ops Center
|
<11.0.4-00 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 | ||
|
Atlassian Confluence <9.2.0 (LTS)
Atlassian / Confluence
|
<9.2.0 (LTS) | ||
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
Atlassian Bitbucket Data Center <8.9.24 (LTS)
Atlassian / Bitbucket
|
Data Center <8.9.24 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.2 (LTS)
Atlassian / Bitbucket
|
Data Center <9.4.2 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.5.0
Atlassian / Bitbucket
|
Data Center <9.5.0 | ||
|
Atlassian Confluence <7.19.30
Atlassian / Confluence
|
<7.19.30 | ||
|
Red Hat Integration Camel for Spring Boot 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_for_spring_boot_1
|
Camel for Spring Boot 1 | |
|
Atlassian Confluence <8.5.18
Atlassian / Confluence
|
<8.5.18 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
VMware Tanzu Spring Framework <5.3.41
VMware Tanzu / Spring Framework
|
<5.3.41 | ||
|
NetApp ActiveIQ Unified Manager
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_linux
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Atlassian Confluence <7.19.30 (LTS)
Atlassian / Confluence
|
<7.19.30 (LTS) | ||
|
Atlassian Confluence <8.5.18 (LTS)
Atlassian / Confluence
|
<8.5.18 (LTS) | ||
|
SolarWinds Security Event Manager <2025.4
SolarWinds / Security Event Manager
|
<2025.4 |
References
22 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Spring Framework bietet ein Entwicklungsmodell f\u00fcr Java mit Infrastrukturunterst\u00fctzung auf Anwendungsebene.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3237 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3237.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3237 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3237"
},
{
"category": "external",
"summary": "Spring blog vom 2024-10-17",
"url": "https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published"
},
{
"category": "external",
"summary": "PDFreactor 12 Hotfix Release vom 2024-11-13",
"url": "https://www.pdfreactor.com/pdfreactor-12-hotfix-release-12-0-1-now-available/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10700 vom 2024-12-02",
"url": "https://access.redhat.com/errata/RHSA-2024:10700"
},
{
"category": "external",
"summary": "PoC auf GitHub vom 2024-12-17",
"url": "https://github.com/masa42/CVE-2024-38819-POC"
},
{
"category": "external",
"summary": "Atlassian Security Advisory CONFSERVER-98564 vom 2024-12-19",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98564"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250110-0010 vom 2025-01-10",
"url": "https://security.netapp.com/advisory/ntap-20250110-0010/"
},
{
"category": "external",
"summary": "Atlassian Security Advisory BSERV-19781 vom 2025-01-21",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-21-2025-1489803942.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7185046 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7185046"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229205 vom 2025-04-05",
"url": "https://www.ibm.com/support/pages/node/7229205"
},
{
"category": "external",
"summary": "Adobe Security Bulletin APSB25-27 vom 2025-04-08",
"url": "https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-113 vom 2025-05-15",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-113/index.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20241129-0003 vom 2025-06-20",
"url": "https://security.netapp.com/advisory/NTAP-20241129-0003"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-258 vom 2025-06-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000338043/dsa-2025-258-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-08-28",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=d45b6a4b93636e901254f0cd1dba10f2"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-127 vom 2025-09-30",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-127/index.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246096 vom 2025-09-29",
"url": "https://www.ibm.com/support/pages/node/7246096"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183042 vom 2025-10-08",
"url": "https://www.ibm.com/support/pages/node/7247442"
},
{
"category": "external",
"summary": "Solarwinds SEM 2025.4 release notes vom 2025-10-14",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-4_release_notes.htm"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7252567 vom 2025-11-26",
"url": "https://www.ibm.com/support/pages/node/7252567"
}
],
"source_lang": "en-US",
"title": "VMware Tanzu Spring Framework: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-30T23:00:00.000+00:00",
"generator": {
"date": "2025-12-01T08:47:13.206+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3237",
"initial_release_date": "2024-10-17T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-17T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-12-02T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "4",
"summary": "PoC aufgenommen"
},
{
"date": "2024-12-18T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-01-09T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-06T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Adobe aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "11",
"summary": "Doppelte Eintragung bereinigt"
},
{
"date": "2025-05-14T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-06-29T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von HITACHI und IBM aufgenommen"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "21",
"summary": "Referenz(en) aufgenommen: 7253216"
}
],
"status": "final",
"version": "21"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.5.22.0 (AEMForms-6.5.0-0095)",
"product": {
"name": "Adobe Experience Manager Forms \u003c6.5.22.0 (AEMForms-6.5.0-0095)",
"product_id": "T042514"
}
},
{
"category": "product_version",
"name": "6.5.22.0 (AEMForms-6.5.0-0095)",
"product": {
"name": "Adobe Experience Manager Forms 6.5.22.0 (AEMForms-6.5.0-0095)",
"product_id": "T042514-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:adobe:aem_forms:6.5.22.0_%28aemforms-6.5.0-0095%29"
}
}
}
],
"category": "product_name",
"name": "Experience Manager Forms"
}
],
"category": "vendor",
"name": "Adobe"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c9.5.0",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.5.0",
"product_id": "T040536"
}
},
{
"category": "product_version",
"name": "Data Center 9.5.0",
"product": {
"name": "Atlassian Bitbucket Data Center 9.5.0",
"product_id": "T040536-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.5.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.2 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.2 (LTS)",
"product_id": "T040537"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.2 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.2 (LTS)",
"product_id": "T040537-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.2_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c8.9.24 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c8.9.24 (LTS)",
"product_id": "T040538"
}
},
{
"category": "product_version",
"name": "Data Center 8.9.24 (LTS)",
"product": {
"name": "Atlassian Bitbucket Data Center 8.9.24 (LTS)",
"product_id": "T040538-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__8.9.24_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.5.18",
"product": {
"name": "Atlassian Confluence \u003c8.5.18",
"product_id": "T039943"
}
},
{
"category": "product_version",
"name": "8.5.18",
"product": {
"name": "Atlassian Confluence 8.5.18",
"product_id": "T039943-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.19.30",
"product": {
"name": "Atlassian Confluence \u003c7.19.30",
"product_id": "T039944"
}
},
{
"category": "product_version",
"name": "7.19.30",
"product": {
"name": "Atlassian Confluence 7.19.30",
"product_id": "T039944-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:7.19.30"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.0 (LTS)",
"product": {
"name": "Atlassian Confluence \u003c9.2.0 (LTS)",
"product_id": "T040539"
}
},
{
"category": "product_version",
"name": "9.2.0 (LTS)",
"product": {
"name": "Atlassian Confluence 9.2.0 (LTS)",
"product_id": "T040539-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.0_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.18 (LTS)",
"product": {
"name": "Atlassian Confluence \u003c8.5.18 (LTS)",
"product_id": "T040540"
}
},
{
"category": "product_version",
"name": "8.5.18 (LTS)",
"product": {
"name": "Atlassian Confluence 8.5.18 (LTS)",
"product_id": "T040540-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.18_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.19.30 (LTS)",
"product": {
"name": "Atlassian Confluence \u003c7.19.30 (LTS)",
"product_id": "T040541"
}
},
{
"category": "product_version",
"name": "7.19.30 (LTS)",
"product": {
"name": "Atlassian Confluence 7.19.30 (LTS)",
"product_id": "T040541-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:7.19.30_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.13",
"product": {
"name": "Dell NetWorker \u003c19.13",
"product_id": "T044954"
}
},
{
"category": "product_version",
"name": "19.13",
"product": {
"name": "Dell NetWorker 19.13",
"product_id": "T044954-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.13"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Service Management",
"product": {
"name": "HCL BigFix Service Management",
"product_id": "T046595",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:service_management"
}
}
}
],
"category": "product_name",
"name": "BigFix"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T038840",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.4-00",
"product": {
"name": "Hitachi Ops Center \u003c11.0.4-00",
"product_id": "T043089"
}
},
{
"category": "product_version",
"name": "11.0.4-00",
"product": {
"name": "Hitachi Ops Center 11.0.4-00",
"product_id": "T043089-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:11.0.4-00"
}
}
}
],
"category": "product_name",
"name": "Ops Center"
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
},
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T035705",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
},
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T023548",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
}
}
}
],
"category": "product_name",
"name": "ActiveIQ Unified Manager"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.1",
"product": {
"name": "RealObjects PDFreactor \u003c12.0.1",
"product_id": "T039150"
}
},
{
"category": "product_version",
"name": "12.0.1",
"product": {
"name": "RealObjects PDFreactor 12.0.1",
"product_id": "T039150-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:realobjects:pdfreactor:12.0.1"
}
}
}
],
"category": "product_name",
"name": "PDFreactor"
}
],
"category": "vendor",
"name": "RealObjects"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Camel for Spring Boot 1",
"product": {
"name": "Red Hat Integration Camel for Spring Boot 1",
"product_id": "T035240",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:camel_for_spring_boot_1"
}
}
}
],
"category": "product_name",
"name": "Integration"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.4",
"product": {
"name": "SolarWinds Security Event Manager \u003c2025.4",
"product_id": "T047576"
}
},
{
"category": "product_version",
"name": "2025.4",
"product": {
"name": "SolarWinds Security Event Manager 2025.4",
"product_id": "T047576-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2025.4"
}
}
}
],
"category": "product_name",
"name": "Security Event Manager"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.3.41",
"product": {
"name": "VMware Tanzu Spring Framework \u003c5.3.41",
"product_id": "T038499"
}
},
{
"category": "product_version",
"name": "5.3.41",
"product": {
"name": "VMware Tanzu Spring Framework 5.3.41",
"product_id": "T038499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:5.3.41"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.0.25",
"product": {
"name": "VMware Tanzu Spring Framework \u003c6.0.25",
"product_id": "T038500"
}
},
{
"category": "product_version",
"name": "6.0.25",
"product": {
"name": "VMware Tanzu Spring Framework 6.0.25",
"product_id": "T038500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:6.0.25"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1.14",
"product": {
"name": "VMware Tanzu Spring Framework \u003c6.1.14",
"product_id": "T038501"
}
},
{
"category": "product_version",
"name": "6.1.14",
"product": {
"name": "VMware Tanzu Spring Framework 6.1.14",
"product_id": "T038501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:6.1.14"
}
}
}
],
"category": "product_name",
"name": "Spring Framework"
}
],
"category": "vendor",
"name": "VMware Tanzu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T038500",
"T038501",
"T038840",
"T044954",
"T042514",
"T039150",
"T005180",
"T046595",
"T048677",
"T043089",
"T048676",
"T048675",
"T040539",
"T035705",
"T040538",
"T040537",
"T040536",
"T039944",
"T035240",
"T039943",
"T016960",
"T038499",
"T023548",
"444803",
"T019704",
"T040541",
"T040540",
"T047576"
]
},
"release_date": "2024-10-17T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T038500",
"T038501",
"T038840",
"T044954",
"T042514",
"T039150",
"T005180",
"T046595",
"T048677",
"T043089",
"T048676",
"T048675",
"T040539",
"T035705",
"T040538",
"T040537",
"T040536",
"T039944",
"T035240",
"T039943",
"T016960",
"T038499",
"T023548",
"444803",
"T019704",
"T040541",
"T040540",
"T047576"
]
},
"release_date": "2024-10-17T22:00:00.000+00:00",
"title": "CVE-2024-38820"
}
]
}
WID-SEC-W-2025-0307
Vulnerability from csaf_certbund - Published: 2025-02-10 23:00 - Updated: 2025-02-10 23:00Summary
SAP Patchday Februar 2025: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um erhöhte Berechtigungen zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um erh\u00f6hte Berechtigungen zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0307 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0307.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0307 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0307"
},
{
"category": "external",
"summary": "SAP Security Patch Day vom 2025-02-10",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/february-2025.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday Februar 2025: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-10T23:00:00.000+00:00",
"generator": {
"date": "2025-02-11T10:06:06.082+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0307",
"initial_release_date": "2025-02-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T040977",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-24527",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2023-24527"
},
{
"cve": "CVE-2024-22126",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-22126"
},
{
"cve": "CVE-2024-38819",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38828",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-38828"
},
{
"cve": "CVE-2024-45216",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-45216"
},
{
"cve": "CVE-2024-45217",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2024-45217"
},
{
"cve": "CVE-2025-0054",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-0054"
},
{
"cve": "CVE-2025-0064",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-0064"
},
{
"cve": "CVE-2025-23187",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23187"
},
{
"cve": "CVE-2025-23189",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23189"
},
{
"cve": "CVE-2025-23190",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23190"
},
{
"cve": "CVE-2025-23191",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23191"
},
{
"cve": "CVE-2025-23193",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-23193"
},
{
"cve": "CVE-2025-24867",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24867"
},
{
"cve": "CVE-2025-24868",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24868"
},
{
"cve": "CVE-2025-24869",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24869"
},
{
"cve": "CVE-2025-24870",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24870"
},
{
"cve": "CVE-2025-24872",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24872"
},
{
"cve": "CVE-2025-24874",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24874"
},
{
"cve": "CVE-2025-24875",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24875"
},
{
"cve": "CVE-2025-24876",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24876"
},
{
"cve": "CVE-2025-25241",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-25241"
},
{
"cve": "CVE-2025-25243",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T040977"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-25243"
}
]
}
WID-SEC-W-2025-0521
Vulnerability from csaf_certbund - Published: 2025-03-10 23:00 - Updated: 2025-03-10 23:00Summary
SAP Patchday März 2025: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff: Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Privilegien zu erlangen, beliebigen Code auszuführen, Cross-Site-Scripting-Angriffe durchzuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- Windows
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Privilegien zu erlangen, beliebigen Code auszuf\u00fchren, Cross-Site-Scripting-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0521 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0521.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0521 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0521"
},
{
"category": "external",
"summary": "SAP Security Patch Day - March 2025 vom 2025-03-10",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2025.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday M\u00e4rz 2025: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-10T23:00:00.000+00:00",
"generator": {
"date": "2025-03-11T11:40:17.201+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0521",
"initial_release_date": "2025-03-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T041721",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38286",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-39592",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-39592"
},
{
"cve": "CVE-2024-41736",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-41736"
},
{
"cve": "CVE-2024-52316",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-52316"
},
{
"cve": "CVE-2025-0062",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-0062"
},
{
"cve": "CVE-2025-0071",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-0071"
},
{
"cve": "CVE-2025-23185",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-23185"
},
{
"cve": "CVE-2025-23188",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-23188"
},
{
"cve": "CVE-2025-23194",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-23194"
},
{
"cve": "CVE-2025-24876",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-24876"
},
{
"cve": "CVE-2025-25242",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-25242"
},
{
"cve": "CVE-2025-25244",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-25244"
},
{
"cve": "CVE-2025-25245",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-25245"
},
{
"cve": "CVE-2025-26655",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26655"
},
{
"cve": "CVE-2025-26656",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26656"
},
{
"cve": "CVE-2025-26658",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26658"
},
{
"cve": "CVE-2025-26659",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26659"
},
{
"cve": "CVE-2025-26660",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26660"
},
{
"cve": "CVE-2025-26661",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-26661"
},
{
"cve": "CVE-2025-27430",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27430"
},
{
"cve": "CVE-2025-27431",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27431"
},
{
"cve": "CVE-2025-27432",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27432"
},
{
"cve": "CVE-2025-27433",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27433"
},
{
"cve": "CVE-2025-27434",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27434"
},
{
"cve": "CVE-2025-27436",
"product_status": {
"known_affected": [
"T041721"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2025-27436"
}
]
}
WID-SEC-W-2025-0819
Vulnerability from csaf_certbund - Published: 2025-04-15 22:00 - Updated: 2025-04-15 22:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 6.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:6.1.0.0.0
|
6.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7.0
|
8.1.2.7.0 | |
|
Oracle Financial Services Applications 8.1.1.4
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.1.4
|
8.1.1.4 | |
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 5.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:5.1.0.0.0
|
5.1.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.9
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.9
|
8.1.2.9 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 14.7.0.7.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.7.0
|
14.7.0.7.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.5.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 22.2.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.2.0.0.0
|
22.2.0.0.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 | |
|
Oracle Financial Services Applications 21.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:21.1.0.0.0
|
21.1.0.0.0 | |
|
Oracle Financial Services Applications 7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:7.0.0.0.0
|
7.0.0.0.0 | |
|
Oracle Financial Services Applications 22.1.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:22.1.0.0.0
|
22.1.0.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0819 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0819.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0819 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0819"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2025 - Appendix Oracle Financial Services Applications vom 2025-04-15",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-15T22:00:00.000+00:00",
"generator": {
"date": "2025-04-16T09:16:23.001+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0819",
"initial_release_date": "2025-04-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.0.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.8",
"product_id": "T021677",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1",
"product_id": "T022844",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
}
}
},
{
"category": "product_version",
"name": "21.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 21.1.0.0.0",
"product_id": "T028695",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:21.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "22.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 22.1.0.0.0",
"product_id": "T028696",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "22.2.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 22.2.0.0.0",
"product_id": "T028697",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:22.2.0.0.0"
}
}
},
{
"category": "product_version",
"name": "14.5.0.0.0-14.7.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0",
"product_id": "T028702",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.5",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.5",
"product_id": "T028706",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
}
}
},
{
"category": "product_version",
"name": "6.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 6.1.0.0.0",
"product_id": "T036223",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:6.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.8",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.8",
"product_id": "T038392",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
}
}
},
{
"category": "product_version",
"name": "7.0.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 7.0.0.0.0",
"product_id": "T040463",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:7.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.0.7.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.8",
"product_id": "T040464",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.6",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.6",
"product_id": "T040465",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
}
}
},
{
"category": "product_version",
"name": "2.9.0.0.0-7.0.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0",
"product_id": "T040516",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.7.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.7.0",
"product_id": "T042808",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7.0"
}
}
},
{
"category": "product_version",
"name": "8.1.1.4",
"product": {
"name": "Oracle Financial Services Applications 8.1.1.4",
"product_id": "T042809",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.4"
}
}
},
{
"category": "product_version",
"name": "5.1.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 5.1.0.0.0",
"product_id": "T042810",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:5.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.2.9",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.9",
"product_id": "T042811",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.9"
}
}
},
{
"category": "product_version",
"name": "14.7.0.7.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.7.0",
"product_id": "T042812",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.7.0"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-28170",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2021-28170"
},
{
"cve": "CVE-2023-39410",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-49582",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2024-28168",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-28219",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-35195",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-37891",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-5206",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-5206"
},
{
"cve": "CVE-2024-56128",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-56128"
},
{
"cve": "CVE-2024-56337",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2024-57699",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-21573",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-21573"
},
{
"cve": "CVE-2025-23184",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-24970",
"product_status": {
"known_affected": [
"T040516",
"T036223",
"T042808",
"T042809",
"T021677",
"T022844",
"T028706",
"T042810",
"T042811",
"T038392",
"T042812",
"T028702",
"T028697",
"T040465",
"T040464",
"T028695",
"T040463",
"T028696"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-24970"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…