WID-SEC-W-2025-1169
Vulnerability from csaf_certbund - Published: 2025-05-29 22:00 - Updated: 2026-03-26 23:00Summary
Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apache Commons ist ein Apache-Projekt, das alle Aspekte der wiederverwendbaren Java-Komponenten behandelt.
Angriff: Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Apache Commons BeanUtils ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme: - Sonstiges
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Commons ist ein Apache-Projekt, das alle Aspekte der wiederverwendbaren Java-Komponenten behandelt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Apache Commons BeanUtils ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1169 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1169.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1169 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1169"
},
{
"category": "external",
"summary": "Red Hat Bugtracker vom 2025-05-29",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-05-29",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2025-05-29",
"url": "https://seclists.org/oss-sec/2025/q2/175"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01815-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021416.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8265 vom 2025-06-05",
"url": "https://access.redhat.com/errata/RHSA-2025:8265"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8919 vom 2025-06-11",
"url": "https://access.redhat.com/errata/RHSA-2025:8919"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-3EB7C0066F vom 2025-06-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-3eb7c0066f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-48E8E5F8ED vom 2025-06-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-48e8e5f8ed"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9115 vom 2025-06-16",
"url": "https://access.redhat.com/errata/RHSA-2025:9115"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9114 vom 2025-06-16",
"url": "https://access.redhat.com/errata/RHSA-2025:9114"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9117 vom 2025-06-16",
"url": "https://access.redhat.com/errata/RHSA-2025:9117"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9166 vom 2025-06-17",
"url": "https://access.redhat.com/errata/RHSA-2025:9166"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9114 vom 2025-06-19",
"url": "https://linux.oracle.com/errata/ELSA-2025-9114.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02056-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021617.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9318 vom 2025-06-23",
"url": "https://access.redhat.com/errata/RHSA-2025:9318"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2899 vom 2025-06-24",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2899.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9697 vom 2025-06-26",
"url": "https://access.redhat.com/errata/RHSA-2025:9697"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9696 vom 2025-06-26",
"url": "https://access.redhat.com/errata/RHSA-2025:9696"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9166 vom 2025-06-28",
"url": "http://linux.oracle.com/errata/ELSA-2025-9166.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4229 vom 2025-06-25",
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00027.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9922 vom 2025-06-30",
"url": "https://access.redhat.com/errata/RHSA-2025:9922"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2899 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2899.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7238747 vom 2025-07-02",
"url": "https://www.ibm.com/support/pages/node/7238747"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10459 vom 2025-07-08",
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10452 vom 2025-07-08",
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10453 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9318 vom 2025-07-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-9318.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10814 vom 2025-07-10",
"url": "https://access.redhat.com/errata/RHSA-2025:10814"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10925 vom 2025-07-15",
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10931 vom 2025-07-15",
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10926 vom 2025-07-14",
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10924 vom 2025-07-14",
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7239757 vom 2025-07-15",
"url": "https://www.ibm.com/support/pages/node/7239757"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - July 15 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-july-15-2025-1590658642.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10814 vom 2025-07-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-10814.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12511 vom 2025-08-03",
"url": "https://access.redhat.com/errata/RHSA-2025:12511"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241547 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241547"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13274 vom 2025-08-06",
"url": "https://access.redhat.com/errata/RHSA-2025:13274"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7242967 vom 2025-08-23",
"url": "https://www.ibm.com/support/pages/node/7242967"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243781 vom 2025-09-02",
"url": "https://www.ibm.com/support/pages/node/7243781"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244384 vom 2025-09-09",
"url": "https://www.ibm.com/support/pages/node/7244384"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15811 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15811"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15812 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15812"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15810 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15810"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15814 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15814"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15813 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15813"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15817 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15817"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15816 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15816"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15815 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15815"
},
{
"category": "external",
"summary": "Atlassian Security Advisory",
"url": "https://jira.atlassian.com/browse/CONFSERVER-100795"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16409 vom 2025-09-23",
"url": "https://access.redhat.com/errata/RHSA-2025:16409"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16668 vom 2025-09-25",
"url": "https://access.redhat.com/errata/RHSA-2025:16668"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16667 vom 2025-09-25",
"url": "https://access.redhat.com/errata/RHSA-2025:16667"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246098 vom 2025-09-29",
"url": "https://www.ibm.com/support/pages/node/7246098"
},
{
"category": "external",
"summary": "SAS Security Update vom 2025-10-02",
"url": "https://support.sas.com/en/security-bulletins/sas-security-update-for-sas-94m9-ts1m9.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:9114 vom 2025-10-04",
"url": "https://errata.build.resf.org/RLSA-2025:9114"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:9166 vom 2025-10-03",
"url": "https://errata.build.resf.org/RLSA-2025:9166"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247346 vom 2025-10-07",
"url": "https://www.ibm.com/support/pages/node/7247346"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249058 vom 2025-10-24",
"url": "https://www.ibm.com/support/pages/node/7249058"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249358 vom 2025-10-28",
"url": "https://www.ibm.com/support/pages/node/7249358"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249815 vom 2025-10-31",
"url": "https://www.ibm.com/support/pages/node/7249815"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-415 vom 2025-12-22",
"url": "https://www.dell.com/support/kbdoc/000405813"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255296 vom 2026-01-21",
"url": "https://www.ibm.com/support/pages/node/7255296"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202601-05 vom 2026-01-26",
"url": "https://security.gentoo.org/glsa/202601-05"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-152 vom 2026-03-23",
"url": "https://www.dell.com/support/kbdoc/de-de/000443243/dsa-2026-152-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7267699 vom 2026-03-27",
"url": "https://www.ibm.com/support/pages/node/7267699"
}
],
"source_lang": "en-US",
"title": "Apache Commons BeanUtils: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2026-03-26T23:00:00.000+00:00",
"generator": {
"date": "2026-03-27T09:41:59.131+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-1169",
"initial_release_date": "2025-05-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-12T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-06-25T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux und Debian aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat und Amazon aufgenommen"
},
{
"date": "2025-07-02T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-07-07T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-14T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-03T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2025-08-24T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-02T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-09T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-15T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-09-22T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-10-07T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-12-21T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "39"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "beanutils \u003c1.11.0",
"product": {
"name": "Apache Commons beanutils \u003c1.11.0",
"product_id": "T044228"
}
},
{
"category": "product_version",
"name": "beanutils 1.11.0",
"product": {
"name": "Apache Commons beanutils 1.11.0",
"product_id": "T044228-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:commons:beanutils__1.11.0"
}
}
},
{
"category": "product_version_range",
"name": "beanutils2 \u003c2.0.0-M2",
"product": {
"name": "Apache Commons beanutils2 \u003c2.0.0-M2",
"product_id": "T044229"
}
},
{
"category": "product_version",
"name": "beanutils2 2.0.0-M2",
"product": {
"name": "Apache Commons beanutils2 2.0.0-M2",
"product_id": "T044229-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:commons:beanutils2__2.0.0-m2"
}
}
}
],
"category": "product_name",
"name": "Commons"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.0.3",
"product": {
"name": "Atlassian Bamboo \u003c11.0.3",
"product_id": "T045447"
}
},
{
"category": "product_version",
"name": "11.0.3",
"product": {
"name": "Atlassian Bamboo 11.0.3",
"product_id": "T045447-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:11.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.6 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c10.2.6 (LTS)",
"product_id": "T045448"
}
},
{
"category": "product_version",
"name": "10.2.6 (LTS)",
"product": {
"name": "Atlassian Bamboo 10.2.6 (LTS)",
"product_id": "T045448-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.6_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.15 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c9.6.15 (LTS)",
"product_id": "T045449"
}
},
{
"category": "product_version",
"name": "9.6.15 (LTS)",
"product": {
"name": "Atlassian Bamboo 9.6.15 (LTS)",
"product_id": "T045449-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.15_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.2.6",
"product": {
"name": "Atlassian Confluence \u003c9.2.6",
"product_id": "T047025"
}
},
{
"category": "product_version",
"name": "9.2.6",
"product": {
"name": "Atlassian Confluence 9.2.6",
"product_id": "T047025-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.24",
"product": {
"name": "Atlassian Confluence \u003c8.5.24",
"product_id": "T047026"
}
},
{
"category": "product_version",
"name": "8.5.24",
"product": {
"name": "Atlassian Confluence 8.5.24",
"product_id": "T047026-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.24"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.5.2",
"product": {
"name": "Atlassian Confluence \u003c9.5.2",
"product_id": "T047027"
}
},
{
"category": "product_version",
"name": "9.5.2",
"product": {
"name": "Atlassian Confluence 9.5.2",
"product_id": "T047027-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.5.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.3",
"product": {
"name": "Atlassian Confluence \u003c10.0.3",
"product_id": "T047028"
}
},
{
"category": "product_version",
"name": "10.0.3",
"product": {
"name": "Atlassian Confluence 10.0.3",
"product_id": "T047028-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.0.3"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T045852",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.34.00.16",
"product": {
"name": "Dell Secure Connect Gateway \u003c5.34.00.16",
"product_id": "T052048"
}
},
{
"category": "product_version",
"name": "5.34.00.16",
"product": {
"name": "Dell Secure Connect Gateway 5.34.00.16",
"product_id": "T052048-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:5.34.00.16"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T043411",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T035705",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
},
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Analytic Server",
"product": {
"name": "IBM SPSS Analytic Server",
"product_id": "T011787",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:analytic_server"
}
}
},
{
"category": "product_version",
"name": "Collaboration and Deployment Services 8.5",
"product": {
"name": "IBM SPSS Collaboration and Deployment Services 8.5",
"product_id": "T038750",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5"
}
}
},
{
"category": "product_version",
"name": "Collaboration and Deployment Services 8.6",
"product": {
"name": "IBM SPSS Collaboration and Deployment Services 8.6",
"product_id": "T046466",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services_8.6"
}
}
}
],
"category": "product_name",
"name": "SPSS"
},
{
"branches": [
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM Security Guardium 11.5",
"product_id": "1411051",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.5"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium",
"product": {
"name": "IBM Security Guardium",
"product_id": "T021345",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:-"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.0.6",
"product": {
"name": "IBM Tivoli Business Service Manager \u003c6.2.0.6",
"product_id": "T045011"
}
},
{
"category": "product_version",
"name": "6.2.0.6",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0.6",
"product_id": "T045011-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0.6"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"category": "product_name",
"name": "IBM Tivoli Netcool/OMNIbus",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus",
"product_id": "T004181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "IP Edition \u003c4.2 Fix Pack 23",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c4.2 Fix Pack 23",
"product_id": "T046654"
}
},
{
"category": "product_version",
"name": "IP Edition 4.2 Fix Pack 23",
"product": {
"name": "IBM Tivoli Network Manager IP Edition 4.2 Fix Pack 23",
"product_id": "T046654-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition___4.2_fix_pack_23"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Cryostat 4",
"product": {
"name": "Red Hat Enterprise Linux Cryostat 4",
"product_id": "T042558",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:cryostat_4"
}
}
},
{
"category": "product_version",
"name": "Apache Camel 1",
"product": {
"name": "Red Hat Enterprise Linux Apache Camel 1",
"product_id": "T044468",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:apache_camel_1"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.12.5",
"product": {
"name": "Red Hat JBoss A-MQ \u003c7.12.5",
"product_id": "T047116"
}
},
{
"category": "product_version",
"name": "7.12.5",
"product": {
"name": "Red Hat JBoss A-MQ 7.12.5",
"product_id": "T047116-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:7.12.5"
}
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform",
"product_id": "T003085",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0.8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c8.0.8",
"product_id": "T045085"
}
},
{
"category": "product_version",
"name": "8.0.8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product_id": "T045085-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.4.23",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.4.23",
"product_id": "T045348"
}
},
{
"category": "product_version",
"name": "7.4.23",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.4.23",
"product_id": "T045348-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4.23"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4M9 (TS1M9)",
"product": {
"name": "SAS Institute Base SAS \u003c9.4M9 (TS1M9)",
"product_id": "T047382"
}
},
{
"category": "product_version",
"name": "9.4M9 (TS1M9)",
"product": {
"name": "SAS Institute Base SAS 9.4M9 (TS1M9)",
"product_id": "T047382-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sas:base_sas:9.4m9_%28ts1m9%29"
}
}
}
],
"category": "product_name",
"name": "Base SAS"
}
],
"category": "vendor",
"name": "SAS Institute"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T047382",
"67646",
"T011787",
"T004914",
"T045448",
"T045348",
"T045447",
"T045449",
"T021415",
"T042558",
"T005180",
"T045085",
"398363",
"T047027",
"T046654",
"T047028",
"T048677",
"T003085",
"T047025",
"T048676",
"T047026",
"T048675",
"T035705",
"T012167",
"T038750",
"T032255",
"T052048",
"74185",
"T032495",
"T043411",
"T045852",
"T021345",
"T044468",
"2951",
"T002207",
"T044229",
"T044228",
"T019704",
"T004181",
"T045011",
"T046466",
"T047116",
"1411051"
]
},
"release_date": "2025-05-29T22:00:00.000+00:00",
"title": "CVE-2025-48734"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…