Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-52046 (GCVE-0-2024-52046)
Vulnerability from cvelistv5 – Published: 2024-12-25 10:06 – Updated: 2025-08-02 03:55
VLAI
EPSS
Title
Apache MINA: MINA applications using unbounded deserialization may allow RCE
Summary
The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process
incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows
attackers to exploit the deserialization process by sending specially crafted malicious serialized data,
potentially leading to remote code execution (RCE) attacks.
This issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.
It's also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.
Upgrading will not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:
/**
* Accept class names where the supplied ClassNameMatcher matches for
* deserialization, unless they are otherwise rejected.
*
* @param classNameMatcher the matcher to use
*/
public void accept(ClassNameMatcher classNameMatcher)
/**
* Accept class names that match the supplied pattern for
* deserialization, unless they are otherwise rejected.
*
* @param pattern standard Java regexp
*/
public void accept(Pattern pattern)
/**
* Accept the wildcard specified classes for deserialization,
* unless they are otherwise rejected.
*
* @param patterns Wildcard file name patterns as defined by
* {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}
*/
public void accept(String... patterns)
By default, the decoder will reject *all* classes that will be present in the incoming data.
Note: The FtpServer, SSHd and Vysper sub-project are not affected by this issue.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache MINA |
Unknown:
2.0 , ≤ 2.0.26
(semver)
Affected: 2.1 , ≤ 2.1.9 (semver) Affected: 2.2 , ≤ 2.2.3 (semver) |
Credits
The initial report was submitted by Bofei Chen, with all the necessary bits to reproduce the RCE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-01-03T12:04:29.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/12/25/1"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250103-0001/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52046",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-02T03:55:42.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.mina:mina-core",
"product": "Apache MINA",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.0.26",
"status": "unknown",
"version": "2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.9",
"status": "affected",
"version": "2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.2.3",
"status": "affected",
"version": "2.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "The initial report was submitted by Bofei Chen, with all the necessary bits to reproduce the RCE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\t\u003cp\u003eThe ObjectSerializationDecoder in Apache MINA uses Java\u2019s native deserialization protocol to process\nincoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows\nattackers to exploit the deserialization process by sending specially crafted malicious serialized data,\npotentially leading to remote code execution (RCE) attacks.\n\u003c/p\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\u003cdiv\u003e\n\t\nThis issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eIt\u0027s also important to note that an application using MINA core library will only be affected if the \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIoBuffer#getObject\u003c/span\u003e\u003c/span\u003e() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(212, 212, 212);\"\u003eObjectSerializationCodecFactory\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eUpgrading will\u0026nbsp; not be enough: you also need to explicitly allow the classes the decoder will accept in the \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(212, 212, 212);\"\u003eObjectSerializationDecoder\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e instance, using one of the three new methods:\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e /**\u003c/p\u003e\u003cp\u003e\u0026nbsp; \u0026nbsp;\u0026nbsp; * Accept class names where the supplied ClassNameMatcher matches for\u003c/p\u003e\u003cp\u003e * deserialization, unless they are otherwise rejected.\u003c/p\u003e\u003cp\u003e *\u003c/p\u003e\u003cp\u003e * @param classNameMatcher the matcher to use\u003c/p\u003e\u003cp\u003e */\u003c/p\u003e\u003cp\u003e public void \u003cspan style=\"background-color: rgb(212, 212, 212);\"\u003eaccept\u003c/span\u003e(ClassNameMatcher classNameMatcher)\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003e /**\u003c/p\u003e\u003cp\u003e * Accept class names that match the supplied pattern for\u003c/p\u003e\u003cp\u003e * deserialization, unless they are otherwise rejected.\u003c/p\u003e\u003cp\u003e *\u003c/p\u003e\u003cp\u003e * @param pattern standard Java regexp\u003c/p\u003e\u003cp\u003e */\u003c/p\u003e\u003cp\u003e public void accept(Pattern pattern) \u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003e /**\u003c/p\u003e\u003cp\u003e * Accept the wildcard specified classes for deserialization,\u003c/p\u003e\u003cp\u003e * unless they are otherwise rejected.\u003c/p\u003e\u003cp\u003e *\u003c/p\u003e\u003cp\u003e * @param patterns Wildcard file name patterns as defined by\u003c/p\u003e\u003cp\u003e * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}\u003c/p\u003e\u003cp\u003e */\u003c/p\u003e\u003cp\u003e public void accept(String... patterns)\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eBy default, the decoder will reject *all* classes that will be present in the incoming data.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eNote: The FtpServer, SSHd and Vysper sub-project are not affected by this issue.\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "The ObjectSerializationDecoder in Apache MINA uses Java\u2019s native deserialization protocol to process\nincoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows\nattackers to exploit the deserialization process by sending specially crafted malicious serialized data,\npotentially leading to remote code execution (RCE) attacks.\n\n\n\n\t\t\t\t\t\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\nThis issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.\n\n\n\n\n\nIt\u0027s also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.\n\n\n\n\nUpgrading will\u00a0 not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:\n\n\n\n\n /**\n\n\u00a0 \u00a0\u00a0 * Accept class names where the supplied ClassNameMatcher matches for\n\n * deserialization, unless they are otherwise rejected.\n\n *\n\n * @param classNameMatcher the matcher to use\n\n */\n\n public void accept(ClassNameMatcher classNameMatcher)\n\n\n\n\n /**\n\n * Accept class names that match the supplied pattern for\n\n * deserialization, unless they are otherwise rejected.\n\n *\n\n * @param pattern standard Java regexp\n\n */\n\n public void accept(Pattern pattern) \n\n\n\n\n\n /**\n\n * Accept the wildcard specified classes for deserialization,\n\n * unless they are otherwise rejected.\n\n *\n\n * @param patterns Wildcard file name patterns as defined by\n\n * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}\n\n */\n\n public void accept(String... patterns)\n\n\n\n\n\n\n\nBy default, the decoder will reject *all* classes that will be present in the incoming data.\n\n\n\n\n\n\n\nNote: The FtpServer, SSHd and Vysper sub-project are not affected by this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T09:33:36.380Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/4wxktgjpggdbto15d515wdctohb0qmv8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache MINA: MINA applications using unbounded deserialization may allow RCE",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-52046",
"datePublished": "2024-12-25T10:06:23.887Z",
"dateReserved": "2024-11-05T13:13:06.944Z",
"dateUpdated": "2025-08-02T03:55:42.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-52046",
"date": "2026-06-04",
"epss": "0.55384",
"percentile": "0.98108"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-52046\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-12-25T10:15:05.437\",\"lastModified\":\"2025-02-12T10:15:13.573\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ObjectSerializationDecoder in Apache MINA uses Java\u2019s native deserialization protocol to process\\nincoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows\\nattackers to exploit the deserialization process by sending specially crafted malicious serialized data,\\npotentially leading to remote code execution (RCE) attacks.\\n\\n\\n\\n\\t\\t\\t\\t\\t\\n\\n\\n\\t\\t\\t\\t\\n\\n\\n\\t\\t\\t\\n\\n\\n\\t\\t\\n\\n\\n\\t\\nThis issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.\\n\\n\\n\\n\\n\\nIt\u0027s also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.\\n\\n\\n\\n\\nUpgrading will\u00a0 not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:\\n\\n\\n\\n\\n /**\\n\\n\u00a0 \u00a0\u00a0 * Accept class names where the supplied ClassNameMatcher matches for\\n\\n * deserialization, unless they are otherwise rejected.\\n\\n *\\n\\n * @param classNameMatcher the matcher to use\\n\\n */\\n\\n public void accept(ClassNameMatcher classNameMatcher)\\n\\n\\n\\n\\n /**\\n\\n * Accept class names that match the supplied pattern for\\n\\n * deserialization, unless they are otherwise rejected.\\n\\n *\\n\\n * @param pattern standard Java regexp\\n\\n */\\n\\n public void accept(Pattern pattern) \\n\\n\\n\\n\\n\\n /**\\n\\n * Accept the wildcard specified classes for deserialization,\\n\\n * unless they are otherwise rejected.\\n\\n *\\n\\n * @param patterns Wildcard file name patterns as defined by\\n\\n * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}\\n\\n */\\n\\n public void accept(String... patterns)\\n\\n\\n\\n\\n\\n\\n\\nBy default, the decoder will reject *all* classes that will be present in the incoming data.\\n\\n\\n\\n\\n\\n\\n\\nNote: The FtpServer, SSHd and Vysper sub-project are not affected by this issue.\"},{\"lang\":\"es\",\"value\":\"ObjectSerializationDecoder en Apache MINA utiliza el protocolo de deserializaci\u00f3n nativo de Java para procesar datos serializados entrantes, pero carece de las defensas y controles de seguridad necesarios. Esta vulnerabilidad permite a los atacantes aprovechar el proceso de deserializaci\u00f3n enviando datos serializados maliciosos especialmente manipulados, lo que podr\u00eda provocar ataques de ejecuci\u00f3n remota de c\u00f3digo (RCE). Este problema afecta a las versiones principales de MINA 2.0.X, 2.1.X y 2.2.X y se solucionar\u00e1 con las versiones 2.0.27, 2.1.10 y 2.2.4. Tambi\u00e9n es importante tener en cuenta que una aplicaci\u00f3n que utiliza la librer\u00eda central MINA solo se ver\u00e1 afectada si se llama al m\u00e9todo IoBuffer#getObject(), y este m\u00e9todo espec\u00edfico se llama potencialmente al agregar una instancia de ProtocolCodecFilter usando la clase ObjectSerializationCodecFactory en la cadena de filtros. Si su aplicaci\u00f3n utiliza espec\u00edficamente esas clases, debe actualizar a la \u00faltima versi\u00f3n de la librer\u00eda principal de MINA. La actualizaci\u00f3n no ser\u00e1 suficiente: tambi\u00e9n necesitar\u00e1 permitir expl\u00edcitamente las clases que el descodificador aceptar\u00e1 en la instancia de ObjectSerializationDecoder, usando uno de los tres nuevos m\u00e9todos: /** * Aceptar nombres de clase donde el ClassNameMatcher suministrado coincida para * la deserializaci\u00f3n, a menos que sean de lo contrario rechazado. * * @param classNameMatcher el comparador a usar */ public void Accept(ClassNameMatcher classNameMatcher) /** * Acepta nombres de clase que coincidan con el patr\u00f3n proporcionado para * la deserializaci\u00f3n, a menos que se rechacen de otra manera. * * @param patr\u00f3n est\u00e1ndar Java regexp */ public void aceptar(Patr\u00f3n de patr\u00f3n) /** * Acepte las clases especificadas como comod\u00edn para la deserializaci\u00f3n, * a menos que se rechacen de otra manera. * * @param patrones Patrones de nombres de archivos comod\u00edn definidos por * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch} */ public void Accept(String... patrones) De forma predeterminada , el decodificador rechazar\u00e1 *todas* las clases que estar\u00e1n presentes en los datos entrantes. Nota: Los subproyectos FtpServer, SSHd y Vysper no se ven afectados por este problema.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mina:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.0.27\",\"matchCriteriaId\":\"F82D7D4E-546B-41CC-8B5B-8456319E2FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mina:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.0\",\"versionEndExcluding\":\"2.1.10\",\"matchCriteriaId\":\"9EC85FF7-169C-418D-86C7-D9FDC8A27E93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mina:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.4\",\"matchCriteriaId\":\"E75343C5-A12C-4E79-B292-3ED290E0F039\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/4wxktgjpggdbto15d515wdctohb0qmv8\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/12/25/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250103-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/12/25/1\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20250103-0001/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-01-03T12:04:29.831Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-52046\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-26T18:13:45.274032Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-26T18:13:51.315Z\"}}], \"cna\": {\"title\": \"Apache MINA: MINA applications using unbounded deserialization may allow RCE\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"The initial report was submitted by Bofei Chen, with all the necessary bits to reproduce the RCE\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 10, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache MINA\", \"versions\": [{\"status\": \"unknown\", \"version\": \"2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.0.26\"}, {\"status\": \"affected\", \"version\": \"2.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.1.9\"}, {\"status\": \"affected\", \"version\": \"2.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.2.3\"}], \"packageName\": \"org.apache.mina:mina-core\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/4wxktgjpggdbto15d515wdctohb0qmv8\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The ObjectSerializationDecoder in Apache MINA uses Java\\u2019s native deserialization protocol to process\\nincoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows\\nattackers to exploit the deserialization process by sending specially crafted malicious serialized data,\\npotentially leading to remote code execution (RCE) attacks.\\n\\n\\n\\n\\t\\t\\t\\t\\t\\n\\n\\n\\t\\t\\t\\t\\n\\n\\n\\t\\t\\t\\n\\n\\n\\t\\t\\n\\n\\n\\t\\nThis issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.\\n\\n\\n\\n\\n\\nIt\u0027s also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.\\n\\n\\n\\n\\nUpgrading will\\u00a0 not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:\\n\\n\\n\\n\\n /**\\n\\n\\u00a0 \\u00a0\\u00a0 * Accept class names where the supplied ClassNameMatcher matches for\\n\\n * deserialization, unless they are otherwise rejected.\\n\\n *\\n\\n * @param classNameMatcher the matcher to use\\n\\n */\\n\\n public void accept(ClassNameMatcher classNameMatcher)\\n\\n\\n\\n\\n /**\\n\\n * Accept class names that match the supplied pattern for\\n\\n * deserialization, unless they are otherwise rejected.\\n\\n *\\n\\n * @param pattern standard Java regexp\\n\\n */\\n\\n public void accept(Pattern pattern) \\n\\n\\n\\n\\n\\n /**\\n\\n * Accept the wildcard specified classes for deserialization,\\n\\n * unless they are otherwise rejected.\\n\\n *\\n\\n * @param patterns Wildcard file name patterns as defined by\\n\\n * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}\\n\\n */\\n\\n public void accept(String... patterns)\\n\\n\\n\\n\\n\\n\\n\\nBy default, the decoder will reject *all* classes that will be present in the incoming data.\\n\\n\\n\\n\\n\\n\\n\\nNote: The FtpServer, SSHd and Vysper sub-project are not affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\\n\\t\\t\\t\u003cdiv\u003e\\n\\t\\t\\t\\t\u003cdiv\u003e\\n\\t\\t\\t\\t\\t\u003cdiv\u003e\\n\\t\\t\\t\\t\\t\\t\u003cp\u003eThe ObjectSerializationDecoder in Apache MINA uses Java\\u2019s native deserialization protocol to process\\nincoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows\\nattackers to exploit the deserialization process by sending specially crafted malicious serialized data,\\npotentially leading to remote code execution (RCE) attacks.\\n\u003c/p\u003e\\n\\t\\t\\t\\t\\t\u003c/div\u003e\\n\\t\\t\\t\\t\u003c/div\u003e\\n\\t\\t\\t\u003c/div\u003e\\n\\t\\t\u003c/div\u003e\u003cdiv\u003e\\n\\t\\nThis issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eIt\u0027s also important to note that an application using MINA core library will only be affected if the \u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eIoBuffer#getObject\u003c/span\u003e\u003c/span\u003e() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the \u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cspan style=\\\"background-color: rgb(212, 212, 212);\\\"\u003eObjectSerializationCodecFactory\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eUpgrading will\u0026nbsp; not be enough: you also need to explicitly allow the classes the decoder will accept in the \u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cspan style=\\\"background-color: rgb(212, 212, 212);\\\"\u003eObjectSerializationDecoder\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e instance, using one of the three new methods:\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e /**\u003c/p\u003e\u003cp\u003e\u0026nbsp; \u0026nbsp;\u0026nbsp; * Accept class names where the supplied ClassNameMatcher matches for\u003c/p\u003e\u003cp\u003e * deserialization, unless they are otherwise rejected.\u003c/p\u003e\u003cp\u003e *\u003c/p\u003e\u003cp\u003e * @param classNameMatcher the matcher to use\u003c/p\u003e\u003cp\u003e */\u003c/p\u003e\u003cp\u003e public void \u003cspan style=\\\"background-color: rgb(212, 212, 212);\\\"\u003eaccept\u003c/span\u003e(ClassNameMatcher classNameMatcher)\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003e /**\u003c/p\u003e\u003cp\u003e * Accept class names that match the supplied pattern for\u003c/p\u003e\u003cp\u003e * deserialization, unless they are otherwise rejected.\u003c/p\u003e\u003cp\u003e *\u003c/p\u003e\u003cp\u003e * @param pattern standard Java regexp\u003c/p\u003e\u003cp\u003e */\u003c/p\u003e\u003cp\u003e public void accept(Pattern pattern) \u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003e /**\u003c/p\u003e\u003cp\u003e * Accept the wildcard specified classes for deserialization,\u003c/p\u003e\u003cp\u003e * unless they are otherwise rejected.\u003c/p\u003e\u003cp\u003e *\u003c/p\u003e\u003cp\u003e * @param patterns Wildcard file name patterns as defined by\u003c/p\u003e\u003cp\u003e * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}\u003c/p\u003e\u003cp\u003e */\u003c/p\u003e\u003cp\u003e public void accept(String... patterns)\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eBy default, the decoder will reject *all* classes that will be present in the incoming data.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eNote: The FtpServer, SSHd and Vysper sub-project are not affected by this issue.\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-02-12T09:33:36.380Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-52046\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-02T03:55:42.727Z\", \"dateReserved\": \"2024-11-05T13:13:06.944Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-12-25T10:06:23.887Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2025-0824
Vulnerability from csaf_certbund - Published: 2025-04-15 22:00 - Updated: 2025-04-15 22:00Summary
Oracle Communications Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Communications Applications umfasst eine Sammlung von Werkzeugen zur Verwaltung von Messaging-, Kommunikationsdiensten und -ressourcen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications 15.0.0.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications Applications 7.5.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.5.0
|
7.5.0 | |
|
Oracle Communications Applications 8.1.0.26.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.26.0
|
8.1.0.26.0 | |
|
Oracle Communications Applications 8.0.0.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.0.0.4.0
|
8.0.0.4.0 | |
|
Oracle Communications Applications 7.3.6
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.3.6
|
7.3.6 | |
|
Oracle Communications Applications 8.1.0.2.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:8.1.0.2.0
|
8.1.0.2.0 | |
|
Oracle Communications Applications 6.3.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.3.1
|
6.3.1 | |
|
Oracle Communications Applications 7.4.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.0
|
7.4.0 | |
|
Oracle Communications Applications 12.0.6.0.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:12.0.6.0.0
|
12.0.6.0.0 | |
|
Oracle Communications Applications 7.4.1
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.4.1
|
7.4.1 | |
|
Oracle Communications Applications 6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:6.0
|
6 | |
|
Oracle Communications Applications 7.6.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.6.0
|
7.6.0 | |
|
Oracle Communications Applications 7.7.0
Oracle / Communications Applications
|
cpe:/a:oracle:communications_applications:7.7.0
|
7.7.0 |
Last affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Applications <=6.1
Oracle / Communications Applications
|
<=6.1 | ||
|
Oracle Communications Applications <=15.0.1.0.0
Oracle / Communications Applications
|
<=15.0.1.0.0 | ||
|
Oracle Communications Applications <=12.0.0.8.0
Oracle / Communications Applications
|
<=12.0.0.8.0 | ||
|
Oracle Communications Applications <=7.5.1
Oracle / Communications Applications
|
<=7.5.1 | ||
|
Oracle Communications Applications <=7.4.2
Oracle / Communications Applications
|
<=7.4.2 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Communications Applications umfasst eine Sammlung von Werkzeugen zur Verwaltung von Messaging-, Kommunikationsdiensten und -ressourcen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0824 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0824.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0824 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0824"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2025 - Appendix Oracle Communications Applications vom 2025-04-15",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixCAGBU"
}
],
"source_lang": "en-US",
"title": "Oracle Communications Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-15T22:00:00.000+00:00",
"generator": {
"date": "2025-04-16T09:16:25.183+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0824",
"initial_release_date": "2025-04-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.3.1",
"product": {
"name": "Oracle Communications Applications 6.3.1",
"product_id": "T018935",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:6.3.1"
}
}
},
{
"category": "product_version",
"name": "7.4.0",
"product": {
"name": "Oracle Communications Applications 7.4.0",
"product_id": "T018938",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.4.0"
}
}
},
{
"category": "product_version",
"name": "7.4.1",
"product": {
"name": "Oracle Communications Applications 7.4.1",
"product_id": "T018939",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.4.1"
}
}
},
{
"category": "product_version",
"name": "7.3.6",
"product": {
"name": "Oracle Communications Applications 7.3.6",
"product_id": "T021635",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.3.6"
}
}
},
{
"category": "product_version",
"name": "12.0.6.0.0",
"product": {
"name": "Oracle Communications Applications 12.0.6.0.0",
"product_id": "T027325",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:12.0.6.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.0.8.0",
"product": {
"name": "Oracle Communications Applications \u003c=12.0.0.8.0",
"product_id": "T028669"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.0.8.0",
"product": {
"name": "Oracle Communications Applications \u003c=12.0.0.8.0",
"product_id": "T028669-fixed"
}
},
{
"category": "product_version",
"name": "15.0.0.0.0",
"product": {
"name": "Oracle Communications Applications 15.0.0.0.0",
"product_id": "T032084",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:15.0.0.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=7.4.2",
"product": {
"name": "Oracle Communications Applications \u003c=7.4.2",
"product_id": "T034254"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.4.2",
"product": {
"name": "Oracle Communications Applications \u003c=7.4.2",
"product_id": "T034254-fixed"
}
},
{
"category": "product_version",
"name": "7.5.0",
"product": {
"name": "Oracle Communications Applications 7.5.0",
"product_id": "T034255",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.5.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.1",
"product": {
"name": "Oracle Communications Applications \u003c=7.5.1",
"product_id": "T034256"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.1",
"product": {
"name": "Oracle Communications Applications \u003c=7.5.1",
"product_id": "T034256-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=6.1",
"product": {
"name": "Oracle Communications Applications \u003c=6.1",
"product_id": "T042785"
}
},
{
"category": "product_version_range",
"name": "\u003c=6.1",
"product": {
"name": "Oracle Communications Applications \u003c=6.1",
"product_id": "T042785-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=15.0.1.0.0",
"product": {
"name": "Oracle Communications Applications \u003c=15.0.1.0.0",
"product_id": "T042786"
}
},
{
"category": "product_version_range",
"name": "\u003c=15.0.1.0.0",
"product": {
"name": "Oracle Communications Applications \u003c=15.0.1.0.0",
"product_id": "T042786-fixed"
}
},
{
"category": "product_version",
"name": "8.1.0.26.0",
"product": {
"name": "Oracle Communications Applications 8.1.0.26.0",
"product_id": "T042787",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.1.0.26.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0.4.0",
"product": {
"name": "Oracle Communications Applications 8.0.0.4.0",
"product_id": "T042788",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.0.0.4.0"
}
}
},
{
"category": "product_version",
"name": "8.1.0.2.0",
"product": {
"name": "Oracle Communications Applications 8.1.0.2.0",
"product_id": "T042789",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.1.0.2.0"
}
}
},
{
"category": "product_version",
"name": "6",
"product": {
"name": "Oracle Communications Applications 6.0",
"product_id": "T042790",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:6.0"
}
}
},
{
"category": "product_version",
"name": "7.6.0",
"product": {
"name": "Oracle Communications Applications 7.6.0",
"product_id": "T042791",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.6.0"
}
}
},
{
"category": "product_version",
"name": "7.7.0",
"product": {
"name": "Oracle Communications Applications 7.7.0",
"product_id": "T042792",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.7.0"
}
}
}
],
"category": "product_name",
"name": "Communications Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-49582",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2023-51074",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-51074"
},
{
"cve": "CVE-2023-5388",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-5388"
},
{
"cve": "CVE-2024-11053",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-12798",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-12798"
},
{
"cve": "CVE-2024-28168",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-31141",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-31141"
},
{
"cve": "CVE-2024-34064",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-35195",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-40896",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-40896"
},
{
"cve": "CVE-2024-43709",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-43709"
},
{
"cve": "CVE-2024-43796",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-43796"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-50602",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-52046",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2024-53122",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-53122"
},
{
"cve": "CVE-2024-56128",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-56128"
},
{
"cve": "CVE-2024-57699",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2024-7254",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2025-23084",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-23084"
},
{
"cve": "CVE-2025-24813",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-24970",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-24970"
},
{
"cve": "CVE-2025-30729",
"product_status": {
"known_affected": [
"T032084",
"T034255",
"T042787",
"T042788",
"T021635",
"T042789",
"T018935",
"T018938",
"T027325",
"T018939",
"T042790",
"T042791",
"T042792"
],
"last_affected": [
"T042785",
"T042786",
"T028669",
"T034256",
"T034254"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2025-30729"
}
]
}
WID-SEC-W-2025-1572
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1572 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1572.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1572 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1572"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Fusion Middleware vom 2025-07-15",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixFMW"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-15T22:00:00.000+00:00",
"generator": {
"date": "2025-07-16T08:31:59.092+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1572",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
},
{
"category": "product_version",
"name": "14.1.2.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.2.0.0",
"product_id": "T040467",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.2.0.0"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-45693",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2023-42917",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2023-42917"
},
{
"cve": "CVE-2024-12801",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-12801"
},
{
"cve": "CVE-2024-26308",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-38477",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-38477"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38828",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-38828"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-52046",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2024-57699",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2024-6763",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-8176",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-8184",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-8184"
},
{
"cve": "CVE-2024-9143",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2025-0725",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-0725"
},
{
"cve": "CVE-2025-24928",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-24928"
},
{
"cve": "CVE-2025-27553",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27817",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-29482",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-29482"
},
{
"cve": "CVE-2025-30753",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30753"
},
{
"cve": "CVE-2025-30762",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30762"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-31651"
},
{
"cve": "CVE-2025-31672",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-49146",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-49146"
},
{
"cve": "CVE-2025-50064",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50064"
},
{
"cve": "CVE-2025-50072",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50072"
},
{
"cve": "CVE-2025-50073",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50073"
}
]
}
WID-SEC-W-2025-2364
Vulnerability from csaf_certbund - Published: 2025-10-21 22:00 - Updated: 2025-10-22 22:00Summary
Oracle JD Edwards: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Komponenten der Oracle JDEdwards sind vollständig integrierte und komplette Lösungen geschäftlicher Anwendungen (ERP) für Unternehmen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle JD Edwards ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- Windows
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <=9.2.9.4
Oracle / JD Edwards
|
<=9.2.9.4 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Komponenten der Oracle JDEdwards sind vollst\u00e4ndig integrierte und komplette L\u00f6sungen gesch\u00e4ftlicher Anwendungen (ERP) f\u00fcr Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle JD Edwards ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2364 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2364.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2364 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2364"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - October 2025 - Appendix Oracle JD Edwards vom 2025-10-21",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixJDE"
}
],
"source_lang": "en-US",
"title": "Oracle JD Edwards: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-22T22:00:00.000+00:00",
"generator": {
"date": "2025-10-23T08:39:21.262+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2364",
"initial_release_date": "2025-10-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-35278, EUVD-2025-35274"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=9.2.9.4",
"product": {
"name": "Oracle JD Edwards \u003c=9.2.9.4",
"product_id": "T047955"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.2.9.4",
"product": {
"name": "Oracle JD Edwards \u003c=9.2.9.4",
"product_id": "T047955-fixed"
}
}
],
"category": "product_name",
"name": "JD Edwards"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22897",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2021-22897"
},
{
"cve": "CVE-2024-13009",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-13009"
},
{
"cve": "CVE-2024-52046",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2024-9143",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2025-31672",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-53056",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-53056"
},
{
"cve": "CVE-2025-53060",
"product_status": {
"last_affected": [
"T047955"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-53060"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…