CVE-2018-8032 (GCVE-0-2018-8032)

Vulnerability from cvelistv5 – Published: 2018-08-02 13:00 – Updated: 2024-09-16 16:29
VLAI
Summary
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Severity
No CVSS data available.
CWE
  • Cross-site Scripting
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Axis Affected: 1.x up to and including 1.4
Create a notification for this product.
Date Public
2018-07-08 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:46:12.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[axis-java-dev] 20180708 [jira] [Created] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E"
          },
          {
            "name": "[axis-java-dev] 20190925 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E"
          },
          {
            "name": "[axis-java-dev] 20190929 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://issues.apache.org/jira/browse/AXIS-2924"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "[debian-lts-announce] 20211117 [SECURITY] [DLA 2821-1] axis security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Axis",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "1.x up to and including 1.4"
            }
          ]
        }
      ],
      "datePublic": "2018-07-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-site Scripting",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T19:08:01.869Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "[axis-java-dev] 20180708 [jira] [Created] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
          "tags": [
            "mailing-list"
          ],
          "url": "http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E"
        },
        {
          "name": "[axis-java-dev] 20190925 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E"
        },
        {
          "name": "[axis-java-dev] 20190929 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "url": "https://issues.apache.org/jira/browse/AXIS-2924"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "name": "[debian-lts-announce] 20211117 [SECURITY] [DLA 2821-1] axis security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2018-8032",
    "datePublished": "2018-08-02T13:00:00.000Z",
    "dateReserved": "2018-03-09T00:00:00.000Z",
    "dateUpdated": "2024-09-16T16:29:01.816Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-8032",
      "date": "2026-06-01",
      "epss": "0.01707",
      "percentile": "0.82636"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:axis:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0\", \"versionEndIncluding\": \"1.4\", \"matchCriteriaId\": \"5114D26C-501B-4F51-B12C-D8A4537BEC80\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80C9DBB8-3D50-4D5D-859A-B022EB7C2E64\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:agile_product_lifecycle_management_framework:9.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8454A130-2E9B-4528-A24D-1B3D0FFCC860\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10F17843-32EA-4C31-B65C-F424447BEF7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A125E817-F974-4509-872C-B71933F42AD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_asap_cartridges:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4CE3535-FC9D-4FB2-8739-19E7477B07FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_asap_cartridges:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58A06A98-0374-4B56-9045-D939F30BF479\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_design_studio:7.3.4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"313F42E5-1BBB-4773-A153-B114C3FDF701\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_design_studio:7.3.5.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC75FE72-6C3F-428E-9C9A-60982455238B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_design_studio:7.4.0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B370B017-2E3B-438B-86B9-EEF70E3A5D3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_design_studio:7.4.1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63C81E5E-3C53-4731-96C3-0F5767874B11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED5503EC-63B6-47EB-AE37-14DD317DDDD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A99F85F8-F374-48B0-9534-BB9C07AFE76E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C57FD3A-0CC1-4BA9-879A-8C4A40234162\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"698FB6D0-B26F-4760-9B9B-1C65FBFF2126\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB92D8A7-2ABD-4B70-A32C-4B6B866C5B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B21E6EEF-2AB7-4E96-B092-1F49D11B4175\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_order_and_service_management:7.3.0.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB472856-38AB-4062-B752-E204B177DE72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F015E20-7886-4713-B4EC-FE7894066D09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DDF6809-53A7-4F7D-9FA8-B522BE8F7A21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA86A15F-FAB8-4DF5-95AC-DA3D1CF7A720\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB43DFD4-D058-4001-BD19-488E059F4532\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"086E2E5C-44EB-4C07-B298-C04189533996\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B042935-BC42-4CA8-9379-7F0F894F9653\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B374F86-4EC8-4797-A8C3-5C1FF1DFC9F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5682DAEB-3810-4541-833A-568C868BCE0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01BC9AED-F81D-4344-AD97-EEF19B6EA8C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D03A8C9-35A5-4B75-9711-7A4A60457307\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36E39918-B2D6-43F0-A607-8FD8BFF6F340\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7582B307-3899-4BBB-B868-BC912A4D0109\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14480702-4398-4C28-82A6-E7329FB3B650\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.3.3\", \"versionEndIncluding\": \"7.3.5\", \"matchCriteriaId\": \"B5BC32AA-78BE-468B-B92A-5A0FFFA970FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndIncluding\": \"8.0.8\", \"matchCriteriaId\": \"F6E8C634-FC3E-418F-8D7D-B71E1A3E2DBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_compliance_regulatory_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.6\", \"versionEndIncluding\": \"8.0.8\", \"matchCriteriaId\": \"1DDD1A52-5794-4837-847C-E5F073330774\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.2\", \"versionEndIncluding\": \"8.0.7\", \"matchCriteriaId\": \"547D042E-51DE-430D-B4BA-F0698646BC80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87416B3B-3B2B-486B-B931-19199EF07000\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_core_banking:11.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1102B6BC-D99E-4AC0-9375-FB8517A4A71F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_core_banking:11.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D22386C-FEC4-4984-8E2A-8FE4796BEFBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B283B614-9E31-4148-8688-B0672B3A77B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6762F207-93C7-4363-B2F9-7A7C6F8AF993\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A3DC116-2844-47A1-BEC2-D0675DD97148\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:internet_directory:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68F2A706-3250-4026-9498-CB4B38B23CEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:internet_directory:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7360EC9B-814F-4FF5-AA9D-9E55A380B2C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.6.0\", \"versionEndIncluding\": \"8.6.3\", \"matchCriteriaId\": \"9E587602-BA7D-4087-BE29-ACE0B01BD590\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_human_resources:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"344A3A9E-3113-4096-B9F8-CA0AD705242B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E1E416B-920B-49A0-9523-382898C2979D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DFB9704-6B99-4113-8537-E4AE0F791B86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F5647E5-B051-41A6-B186-3584C725908B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.7\", \"versionEndIncluding\": \"17.12\", \"matchCriteriaId\": \"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202AD518-2E9B-4062-B063-9858AE1F9CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10864586-270E-4ACF-BDCC-ECFCD299305F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19A0F1AF-F2E6-44E7-8E2D-190E103B72D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D53690D-3390-4A27-988A-709CD89DD05B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:real-time_decision_server:3.2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD2288B1-FF5E-46BC-8551-4CC6B046A0D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE8CF045-09BB-4069-BCEC-496D5AE3B780\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38E74E68-7F19-4EF3-AC00-3C249EAAA39E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0ED83E3-E6BF-4EAA-AF8F-33485A88A218\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5265C91-FF5C-4451-A7C2-D388A65ACFA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2B933E8-DBC4-4443-B837-BA8BAF8CC249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"21.0\", \"matchCriteriaId\": \"EAC9E8DC-5139-4420-9BD6-0B5F2FA3150E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92A6A7BA-CCE6-426F-8434-7A578A245180\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:tuxedo:12.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBC28867-E828-4ABC-BE7B-3E5C2E826879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.\"}, {\"lang\": \"es\", \"value\": \"Apache Axis en versiones 1.x hasta la 1.4 (incluida) es vulnerable a un ataque de Cross-Site Scripting (XSS) en el servlet/services por defecto.\"}]",
      "id": "CVE-2018-8032",
      "lastModified": "2024-11-21T04:13:08.053",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2018-08-02T13:29:00.363",
      "references": "[{\"url\": \"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://issues.apache.org/jira/browse/AXIS-2924\", \"source\": \"security@apache.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"source\": \"security@apache.org\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"security@apache.org\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://issues.apache.org/jira/browse/AXIS-2924\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-8032\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2018-08-02T13:29:00.363\",\"lastModified\":\"2025-05-08T18:13:51.353\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.\"},{\"lang\":\"es\",\"value\":\"Apache Axis en versiones 1.x hasta la 1.4 (incluida) es vulnerable a un ataque de Cross-Site Scripting (XSS) en el servlet/services por defecto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:axis:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0\",\"versionEndIncluding\":\"1.4\",\"matchCriteriaId\":\"5114D26C-501B-4F51-B12C-D8A4537BEC80\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80C9DBB8-3D50-4D5D-859A-B022EB7C2E64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8C893E4-1D3A-4687-BE5A-D26FFEBCCC78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F17843-32EA-4C31-B65C-F424447BEF7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A125E817-F974-4509-872C-B71933F42AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_asap_cartridges:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CE3535-FC9D-4FB2-8739-19E7477B07FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_asap_cartridges:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A06A98-0374-4B56-9045-D939F30BF479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.3.4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"313F42E5-1BBB-4773-A153-B114C3FDF701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.3.5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC75FE72-6C3F-428E-9C9A-60982455238B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.4.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B370B017-2E3B-438B-86B9-EEF70E3A5D3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.4.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C81E5E-3C53-4731-96C3-0F5767874B11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5503EC-63B6-47EB-AE37-14DD317DDDD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A99F85F8-F374-48B0-9534-BB9C07AFE76E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C57FD3A-0CC1-4BA9-879A-8C4A40234162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"698FB6D0-B26F-4760-9B9B-1C65FBFF2126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB92D8A7-2ABD-4B70-A32C-4B6B866C5B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B21E6EEF-2AB7-4E96-B092-1F49D11B4175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_order_and_service_management:7.3.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB472856-38AB-4062-B752-E204B177DE72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F015E20-7886-4713-B4EC-FE7894066D09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DDF6809-53A7-4F7D-9FA8-B522BE8F7A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA86A15F-FAB8-4DF5-95AC-DA3D1CF7A720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB43DFD4-D058-4001-BD19-488E059F4532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E2E5C-44EB-4C07-B298-C04189533996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B042935-BC42-4CA8-9379-7F0F894F9653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B374F86-4EC8-4797-A8C3-5C1FF1DFC9F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5682DAEB-3810-4541-833A-568C868BCE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9AED-F81D-4344-AD97-EEF19B6EA8C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D03A8C9-35A5-4B75-9711-7A4A60457307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E39918-B2D6-43F0-A607-8FD8BFF6F340\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7582B307-3899-4BBB-B868-BC912A4D0109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14480702-4398-4C28-82A6-E7329FB3B650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.3\",\"versionEndIncluding\":\"7.3.5\",\"matchCriteriaId\":\"B5BC32AA-78BE-468B-B92A-5A0FFFA970FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.0.8\",\"matchCriteriaId\":\"F6E8C634-FC3E-418F-8D7D-B71E1A3E2DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_compliance_regulatory_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.6\",\"versionEndIncluding\":\"8.0.8\",\"matchCriteriaId\":\"1DDD1A52-5794-4837-847C-E5F073330774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.2\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"547D042E-51DE-430D-B4BA-F0698646BC80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87416B3B-3B2B-486B-B931-19199EF07000\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1102B6BC-D99E-4AC0-9375-FB8517A4A71F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D22386C-FEC4-4984-8E2A-8FE4796BEFBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B283B614-9E31-4148-8688-B0672B3A77B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6762F207-93C7-4363-B2F9-7A7C6F8AF993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3DC116-2844-47A1-BEC2-D0675DD97148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:internet_directory:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68F2A706-3250-4026-9498-CB4B38B23CEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:internet_directory:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7360EC9B-814F-4FF5-AA9D-9E55A380B2C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.6.0\",\"versionEndIncluding\":\"8.6.3\",\"matchCriteriaId\":\"9E587602-BA7D-4087-BE29-ACE0B01BD590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_human_resources:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"344A3A9E-3113-4096-B9F8-CA0AD705242B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DFB9704-6B99-4113-8537-E4AE0F791B86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F5647E5-B051-41A6-B186-3584C725908B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A0F1AF-F2E6-44E7-8E2D-190E103B72D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D53690D-3390-4A27-988A-709CD89DD05B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:real-time_decision_server:3.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD2288B1-FF5E-46BC-8551-4CC6B046A0D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8CF045-09BB-4069-BCEC-496D5AE3B780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38E74E68-7F19-4EF3-AC00-3C249EAAA39E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0ED83E3-E6BF-4EAA-AF8F-33485A88A218\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5265C91-FF5C-4451-A7C2-D388A65ACFA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B933E8-DBC4-4443-B837-BA8BAF8CC249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"21.0\",\"matchCriteriaId\":\"EAC9E8DC-5139-4420-9BD6-0B5F2FA3150E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92A6A7BA-CCE6-426F-8434-7A578A245180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tuxedo:12.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBC28867-E828-4ABC-BE7B-3E5C2E826879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://issues.apache.org/jira/browse/AXIS-2924\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.apache.org/jira/browse/AXIS-2924\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.