Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-28170 (GCVE-0-2021-28170)
Vulnerability from cvelistv5 – Published: 2021-05-26 21:55 – Updated: 2024-08-03 21:40
VLAI
EPSS
Summary
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
Severity
No CVSS data available.
CWE
- CWE-20 - Improper Input Validation
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/eclipse-ee4j/el-ri/issues/155 | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_CONFIRM |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Eclipse Foundation | Jakarta Expression Language Implementation |
Affected:
unspecified , ≤ 3.0.3
(custom)
Unknown: next of 3.0.3 , < unspecified (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:40:12.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jakarta Expression Language Implementation",
"vendor": "The Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "3.0.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 3.0.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:54:35.000Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2021-28170",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jakarta Expression Language Implementation",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.0.3"
},
{
"version_affected": "?\u003e",
"version_value": "3.0.3"
}
]
}
}
]
},
"vendor_name": "The Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse-ee4j/el-ri/issues/155",
"refsource": "CONFIRM",
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/",
"refsource": "CONFIRM",
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2021-28170",
"datePublished": "2021-05-26T21:55:09.000Z",
"dateReserved": "2021-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T21:40:12.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-28170",
"date": "2026-05-25",
"epss": "0.00115",
"percentile": "0.29599"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:jakarta_expression_language:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.3\", \"matchCriteriaId\": \"9D4D9319-3396-43B2-8466-D9C40E2D4680\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.3.0\", \"matchCriteriaId\": \"BB0158D3-CF4B-4355-8F33-D57BFC1C0398\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4479F76A-4B67-41CC-98C7-C76B81050F8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.\"}, {\"lang\": \"es\", \"value\": \"En la implementaci\\u00f3n de Jakarta Expression Language versiones 3.0.3 y anteriores, un bug en la funci\\u00f3n ELParserTokenManager permite que las expresiones EL no v\\u00e1lidas sean evaluadas como si fueran v\\u00e1lidas\"}]",
"id": "CVE-2021-28170",
"lastModified": "2024-11-21T05:59:14.993",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-05-26T22:15:07.980",
"references": "[{\"url\": \"https://github.com/eclipse-ee4j/el-ri/issues/155\", \"source\": \"emo@eclipse.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/\", \"source\": \"emo@eclipse.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"emo@eclipse.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/eclipse-ee4j/el-ri/issues/155\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"emo@eclipse.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-917\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-28170\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2021-05-26T22:15:07.980\",\"lastModified\":\"2024-11-21T05:59:14.993\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.\"},{\"lang\":\"es\",\"value\":\"En la implementaci\u00f3n de Jakarta Expression Language versiones 3.0.3 y anteriores, un bug en la funci\u00f3n ELParserTokenManager permite que las expresiones EL no v\u00e1lidas sean evaluadas como si fueran v\u00e1lidas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jakarta_expression_language:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.3\",\"matchCriteriaId\":\"9D4D9319-3396-43B2-8466-D9C40E2D4680\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.0\",\"matchCriteriaId\":\"BB0158D3-CF4B-4355-8F33-D57BFC1C0398\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4479F76A-4B67-41CC-98C7-C76B81050F8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}],\"references\":[{\"url\":\"https://github.com/eclipse-ee4j/el-ri/issues/155\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/eclipse-ee4j/el-ri/issues/155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-951
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le | ||
| Red Hat | N/A | Red Hat Integration Text-Only Advisories x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat Openshift Application Runtimes Text-Only Advisories x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat Integration - Camel K 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le | ||
| Red Hat | N/A | Red Hat Fuse 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat JBoss Data Grid Text-Only Advisories x86_64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux Server - AUS 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Integration Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Openshift Application Runtimes Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Integration - Camel K 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Fuse 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat JBoss Data Grid Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27223"
},
{
"name": "CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"name": "CVE-2021-21343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21343"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2021-22118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22118"
},
{
"name": "CVE-2020-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2875"
},
{
"name": "CVE-2021-3536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3536"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2021-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21348"
},
{
"name": "CVE-2020-11988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11988"
},
{
"name": "CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"name": "CVE-2021-45606",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45606"
},
{
"name": "CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"name": "CVE-2021-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21344"
},
{
"name": "CVE-2020-26259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26259"
},
{
"name": "CVE-2021-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3597"
},
{
"name": "CVE-2021-28170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28170"
},
{
"name": "CVE-2021-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21341"
},
{
"name": "CVE-2020-13949",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3690"
},
{
"name": "CVE-2020-17521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
},
{
"name": "CVE-2021-22696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22696"
},
{
"name": "CVE-2021-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28163"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2020-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
},
{
"name": "CVE-2021-21347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21347"
},
{
"name": "CVE-2021-27568",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
},
{
"name": "CVE-2020-26217",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26217"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2021-23926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23926"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2021-21346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21346"
},
{
"name": "CVE-2021-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30468"
},
{
"name": "CVE-2021-21351",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21351"
},
{
"name": "CVE-2021-21345",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21345"
},
{
"name": "CVE-2020-28491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28491"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-37714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37714"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2021-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20218"
},
{
"name": "CVE-2020-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27782"
},
{
"name": "CVE-2021-30129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30129"
},
{
"name": "CVE-2020-17527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17527"
},
{
"name": "CVE-2021-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21349"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2020-13943",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13943"
},
{
"name": "CVE-2020-15522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15522"
},
{
"name": "CVE-2021-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28164"
},
{
"name": "CVE-2020-11987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11987"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2021-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21342"
},
{
"name": "CVE-2021-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3629"
},
{
"name": "CVE-2021-21350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21350"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5101 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHBA-2021:5101"
}
],
"reference": "CERTFR-2021-AVI-951",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRedHat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5130 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5130"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHBA-2021:5114 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHBA-2021:5114"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5138 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5138"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5132 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5132"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5126 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5126"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5134 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5134"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5133 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5133"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5108 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5108"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5093 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5093"
}
]
}
CERTFR-2022-AVI-369
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle WebLogic Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21453",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21453"
},
{
"name": "CVE-2021-28170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28170"
},
{
"name": "CVE-2022-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21441"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-369",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle WebLogic\nServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle verbose cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022verbose.html#FMW"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixFMW"
}
]
}
CERTFR-2021-AVI-951
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le | ||
| Red Hat | N/A | Red Hat Integration Text-Only Advisories x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat Openshift Application Runtimes Text-Only Advisories x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat Integration - Camel K 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le | ||
| Red Hat | N/A | Red Hat Fuse 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat JBoss Data Grid Text-Only Advisories x86_64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux Server - AUS 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Integration Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Openshift Application Runtimes Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Integration - Camel K 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Fuse 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat JBoss Data Grid Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27223"
},
{
"name": "CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"name": "CVE-2021-21343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21343"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2021-22118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22118"
},
{
"name": "CVE-2020-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2875"
},
{
"name": "CVE-2021-3536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3536"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2021-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21348"
},
{
"name": "CVE-2020-11988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11988"
},
{
"name": "CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"name": "CVE-2021-45606",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45606"
},
{
"name": "CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"name": "CVE-2021-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21344"
},
{
"name": "CVE-2020-26259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26259"
},
{
"name": "CVE-2021-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3597"
},
{
"name": "CVE-2021-28170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28170"
},
{
"name": "CVE-2021-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21341"
},
{
"name": "CVE-2020-13949",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3690"
},
{
"name": "CVE-2020-17521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
},
{
"name": "CVE-2021-22696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22696"
},
{
"name": "CVE-2021-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28163"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2020-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
},
{
"name": "CVE-2021-21347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21347"
},
{
"name": "CVE-2021-27568",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
},
{
"name": "CVE-2020-26217",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26217"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2021-23926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23926"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2021-21346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21346"
},
{
"name": "CVE-2021-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30468"
},
{
"name": "CVE-2021-21351",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21351"
},
{
"name": "CVE-2021-21345",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21345"
},
{
"name": "CVE-2020-28491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28491"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-37714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37714"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2021-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20218"
},
{
"name": "CVE-2020-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27782"
},
{
"name": "CVE-2021-30129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30129"
},
{
"name": "CVE-2020-17527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17527"
},
{
"name": "CVE-2021-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21349"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2020-13943",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13943"
},
{
"name": "CVE-2020-15522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15522"
},
{
"name": "CVE-2021-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28164"
},
{
"name": "CVE-2020-11987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11987"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2021-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21342"
},
{
"name": "CVE-2021-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3629"
},
{
"name": "CVE-2021-21350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21350"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5101 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHBA-2021:5101"
}
],
"reference": "CERTFR-2021-AVI-951",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRedHat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5130 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5130"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHBA-2021:5114 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHBA-2021:5114"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5138 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5138"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5132 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5132"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5126 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5126"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5134 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5134"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5133 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5133"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5108 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5108"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5093 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5093"
}
]
}
CERTFR-2022-AVI-369
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle WebLogic Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21453",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21453"
},
{
"name": "CVE-2021-28170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28170"
},
{
"name": "CVE-2022-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21441"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-369",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle WebLogic\nServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle verbose cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022verbose.html#FMW"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixFMW"
}
]
}
BDU:2021-04679
Vulnerability from fstec - Published: 14.04.2020
VLAI
Title
Уязвимость функции ELParserTokenManager языка программирования Jakarta EL, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
Description
Уязвимость функции ELParserTokenManager языка программирования Jakarta EL связана с некорректным определением достоверности EL выражений. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, оказать воздействие на целостность данных
Severity
Vendor
Сообщество свободного программного обеспечения, Eclipse Foundation
Software Name
Debian GNU/Linux, Jakarta EL
Software Version
9 (Debian GNU/Linux), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), до 3.0.3 включительно (Jakarta EL)
Possible Mitigations
Для Jakarta EL:
использование рекомендаций производителя: https://github.com/eclipse-ee4j/el-ri/issues/155
Для ОС Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2021-28170
Reference
https://github.com/eclipse-ee4j/el-ri/issues/155
https://nvd.nist.gov/vuln/detail/CVE-2021-28170
https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/
https://security-tracker.debian.org/tracker/CVE-2021-28170
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Eclipse Foundation",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), \u0434\u043e 3.0.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Jakarta EL)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Jakarta EL:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://github.com/eclipse-ee4j/el-ri/issues/155\n\n\u0414\u043b\u044f \u041e\u0421 Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2021-28170",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.04.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.09.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.09.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-04679",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-28170",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Jakarta EL",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ELParserTokenManager \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Jakarta EL, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ELParserTokenManager \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Jakarta EL \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u043d\u043e\u0441\u0442\u0438 EL \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/eclipse-ee4j/el-ri/issues/155\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-28170\nhttps://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/\nhttps://security-tracker.debian.org/tracker/CVE-2021-28170",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)"
}
FKIE_CVE-2021-28170
Vulnerability from fkie_nvd - Published: 2021-05-26 22:15 - Updated: 2024-11-21 05:59
Severity
Summary
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
References
| URL | Tags | ||
|---|---|---|---|
| emo@eclipse.org | https://github.com/eclipse-ee4j/el-ri/issues/155 | Exploit, Issue Tracking, Third Party Advisory | |
| emo@eclipse.org | https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/ | Exploit, Third Party Advisory | |
| emo@eclipse.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/eclipse-ee4j/el-ri/issues/155 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eclipse | jakarta_expression_language | * | |
| quarkus | quarkus | * | |
| oracle | communications_cloud_native_core_policy | 1.14.0 | |
| oracle | weblogic_server | 14.1.1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:jakarta_expression_language:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D9319-3396-43B2-8466-D9C40E2D4680",
"versionEndIncluding": "3.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0158D3-CF4B-4355-8F33-D57BFC1C0398",
"versionEndExcluding": "2.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid."
},
{
"lang": "es",
"value": "En la implementaci\u00f3n de Jakarta Expression Language versiones 3.0.3 y anteriores, un bug en la funci\u00f3n ELParserTokenManager permite que las expresiones EL no v\u00e1lidas sean evaluadas como si fueran v\u00e1lidas"
}
],
"id": "CVE-2021-28170",
"lastModified": "2024-11-21T05:59:14.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-26T22:15:07.980",
"references": [
{
"source": "emo@eclipse.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"source": "emo@eclipse.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"source": "emo@eclipse.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "emo@eclipse.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-917"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-V6W3-2PRQ-H95F
Vulnerability from github – Published: 2021-10-06 17:48 – Updated: 2025-07-01 16:13
VLAI
Summary
Improper Input Validation in Jakarta Expression Language
Details
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
Severity
5.3 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.sun.el:el-ri"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.glassfish:jakarta.el"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.glassfish:javax.el"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0.1-b12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-28170"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-917"
],
"github_reviewed": true,
"github_reviewed_at": "2021-10-06T13:31:54Z",
"nvd_published_at": "2021-05-26T22:15:00Z",
"severity": "MODERATE"
},
"details": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.",
"id": "GHSA-v6w3-2prq-h95f",
"modified": "2025-07-01T16:13:50Z",
"published": "2021-10-06T17:48:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28170"
},
{
"type": "WEB",
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"type": "WEB",
"url": "https://github.com/eclipse-ee4j/el-ri/pull/160/commits/b6a3943ac5fba71cbc6719f092e319caa747855b"
},
{
"type": "PACKAGE",
"url": "https://github.com/eclipse-ee4j/el-ri"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGGLASSFISH-1297098"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGGLASSFISH-2841368"
},
{
"type": "ADVISORY",
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Improper Input Validation in Jakarta Expression Language"
}
GSD-2021-28170
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-28170",
"description": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.",
"id": "GSD-2021-28170",
"references": [
"https://access.redhat.com/errata/RHSA-2022:0589",
"https://access.redhat.com/errata/RHSA-2021:5134",
"https://access.redhat.com/errata/RHSA-2021:3660",
"https://access.redhat.com/errata/RHSA-2021:3658",
"https://access.redhat.com/errata/RHSA-2021:3656",
"https://access.redhat.com/errata/RHSA-2021:3534",
"https://access.redhat.com/errata/RHSA-2021:3516",
"https://access.redhat.com/errata/RHSA-2021:3471",
"https://access.redhat.com/errata/RHSA-2021:3468",
"https://access.redhat.com/errata/RHSA-2021:3467",
"https://access.redhat.com/errata/RHSA-2021:3466",
"https://access.redhat.com/errata/RHSA-2022:1013",
"https://access.redhat.com/errata/RHSA-2022:1029"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-28170"
],
"details": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.",
"id": "GSD-2021-28170",
"modified": "2023-12-13T01:23:29.549202Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2021-28170",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jakarta Expression Language Implementation",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.0.3"
},
{
"version_affected": "?\u003e",
"version_value": "3.0.3"
}
]
}
}
]
},
"vendor_name": "The Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse-ee4j/el-ri/issues/155",
"refsource": "CONFIRM",
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/",
"refsource": "CONFIRM",
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,3.0.4)",
"affected_versions": "All versions before 3.0.4",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-20",
"CWE-937"
],
"date": "2021-10-06",
"description": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.",
"fixed_versions": [
"3.0.4"
],
"identifier": "CVE-2021-28170",
"identifiers": [
"GHSA-v6w3-2prq-h95f",
"CVE-2021-28170"
],
"not_impacted": "All versions starting from 3.0.4",
"package_slug": "maven/com.sun.el/el-ri",
"pubdate": "2021-10-06",
"solution": "Upgrade to version 3.0.4 or above.",
"title": "Improper Input Validation",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-28170",
"https://github.com/eclipse-ee4j/el-ri/issues/155",
"https://github.com/eclipse-ee4j/el-ri/pull/160/commits/b6a3943ac5fba71cbc6719f092e319caa747855b",
"https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/",
"https://github.com/advisories/GHSA-v6w3-2prq-h95f"
],
"uuid": "3e42295f-ceff-4a66-a9d7-912daf5c9b60"
},
{
"affected_range": "(,3.0.3]",
"affected_versions": "All versions up to 3.0.3",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-917",
"CWE-937"
],
"date": "2022-04-25",
"description": "In the Jakarta Expression Language implementation, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.",
"fixed_versions": [],
"identifier": "CVE-2021-28170",
"identifiers": [
"CVE-2021-28170"
],
"not_impacted": "",
"package_slug": "maven/org.eclipse.ee4j/project",
"pubdate": "2021-05-26",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Improper Input Validation",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-28170",
"https://github.com/eclipse-ee4j/el-ri/issues/155"
],
"uuid": "4272d16a-3995-4d11-829f-51d7dc0509c5"
},
{
"affected_range": "(,3.0.3]",
"affected_versions": "All versions up to 3.0.3",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-20",
"CWE-937"
],
"date": "2021-06-10",
"description": "In the Jakarta Expression Language implementation, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.",
"fixed_versions": [],
"identifier": "CVE-2021-28170",
"identifiers": [
"CVE-2021-28170"
],
"not_impacted": "",
"package_slug": "maven/org.glassfish/jakarta.el",
"pubdate": "2021-05-26",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Improper Input Validation",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-28170",
"https://github.com/eclipse-ee4j/el-ri/issues/155"
],
"uuid": "9e30ca5e-02ea-4e5e-a253-4f020dff43a9"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:eclipse:jakarta_expression_language:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2021-28170"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-917"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse-ee4j/el-ri/issues/155",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/eclipse-ee4j/el-ri/issues/155"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2022-04-25T20:15Z",
"publishedDate": "2021-05-26T22:15Z"
}
}
}
NCSC-2024-0413
Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:17 - Updated: 2024-10-17 13:17Summary
Kwetsbaarheden verholpen in Oracle Commerce
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in Commerce.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-755: Improper Handling of Exceptional Conditions
CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CWE-552: Files or Directories Accessible to External Parties
CWE-404: Improper Resource Shutdown or Release
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-611: Improper Restriction of XML External Entity Reference
CWE-20: Improper Input Validation
7.5 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:*:*:*:*:*:*:*:*
|
— | |
|
oracle_commerce_guided_search
oracle
|
cpe:2.3:a:oracle:oracle_commerce_guided_search:*:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— |
7.2 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
oracle_commerce_guided_search
oracle
|
cpe:2.3:a:oracle:oracle_commerce_guided_search:*:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
oracle_commerce_platform
oracle
|
cpe:2.3:a:oracle:oracle_commerce_platform:*:*:*:*:*:*:*:*
|
— | |
|
oracle_commerce_guided_search
oracle
|
cpe:2.3:a:oracle:oracle_commerce_guided_search:*:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— | |
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— | |
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce_platform
oracle
|
cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.4.0:*:*:*:*:*:*:*
|
— | |
|
commerce_guided_search
oracle
|
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*
|
— | |
|
commerce
oracle
|
cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*
|
— |
References
10 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Commerce.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"title": "CWE-917"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Commerce",
"tracking": {
"current_release_date": "2024-10-17T13:17:19.736602Z",
"id": "NCSC-2024-0413",
"initial_release_date": "2024-10-17T13:17:19.736602Z",
"revision_history": [
{
"date": "2024-10-17T13:17:19.736602Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "commerce",
"product": {
"name": "commerce",
"product_id": "CSAFPID-1674613",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce:11.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce",
"product": {
"name": "commerce",
"product_id": "CSAFPID-1674614",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce:11.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce",
"product": {
"name": "commerce",
"product_id": "CSAFPID-1674615",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce:11.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce",
"product": {
"name": "commerce",
"product_id": "CSAFPID-1674616",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce:11.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_guided_search",
"product": {
"name": "commerce_guided_search",
"product_id": "CSAFPID-187449",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_guided_search",
"product": {
"name": "commerce_guided_search",
"product_id": "CSAFPID-1673502",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce_guided_search:11.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_platform",
"product": {
"name": "commerce_platform",
"product_id": "CSAFPID-764898",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce_platform:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_platform",
"product": {
"name": "commerce_platform",
"product_id": "CSAFPID-220467",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce_platform:11.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_platform",
"product": {
"name": "commerce_platform",
"product_id": "CSAFPID-221115",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce_platform:11.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_platform",
"product": {
"name": "commerce_platform",
"product_id": "CSAFPID-220466",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_commerce_guided_search",
"product": {
"name": "oracle_commerce_guided_search",
"product_id": "CSAFPID-1650505",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_commerce_guided_search:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_commerce_platform",
"product": {
"name": "oracle_commerce_platform",
"product_id": "CSAFPID-1650560",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_commerce_platform:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10172",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-187449",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-10172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-10172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-187449",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
}
],
"title": "CVE-2019-10172"
},
{
"cve": "CVE-2020-13956",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-187449",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-764898",
"CSAFPID-1650505",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13956",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-187449",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-764898",
"CSAFPID-1650505",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
}
],
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2021-23358",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"product_status": {
"known_affected": [
"CSAFPID-187449",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-220467",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-23358",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23358.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-187449",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-220467",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
}
],
"title": "CVE-2021-23358"
},
{
"cve": "CVE-2021-28170",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-187449",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-28170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28170.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-187449",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
}
],
"title": "CVE-2021-28170"
},
{
"cve": "CVE-2022-46337",
"product_status": {
"known_affected": [
"CSAFPID-187449",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-220467",
"CSAFPID-221115"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-46337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-187449",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-220467",
"CSAFPID-221115"
]
}
],
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650505",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-187449"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2976",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650505",
"CSAFPID-220466",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-220467",
"CSAFPID-221115",
"CSAFPID-187449"
]
}
],
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-20863",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"title": "CWE-917"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650560",
"CSAFPID-1650505",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-187449",
"CSAFPID-220466",
"CSAFPID-220467",
"CSAFPID-221115"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-20863",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-20863.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650560",
"CSAFPID-1650505",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-187449",
"CSAFPID-220466",
"CSAFPID-220467",
"CSAFPID-221115"
]
}
],
"title": "CVE-2023-20863"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-187449",
"CSAFPID-220466",
"CSAFPID-220467",
"CSAFPID-221115"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616",
"CSAFPID-187449",
"CSAFPID-220466",
"CSAFPID-220467",
"CSAFPID-221115"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673502",
"CSAFPID-187449",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673502",
"CSAFPID-187449",
"CSAFPID-1674613",
"CSAFPID-1674614",
"CSAFPID-1674615",
"CSAFPID-1674616"
]
}
],
"title": "CVE-2024-34750"
}
]
}
NCSC-2025-0127
Vulnerability from csaf_ncscnl - Published: 2025-04-16 15:00 - Updated: 2025-04-16 15:00Summary
Kwetsbaarheden verholpen in Oracle Financial Services
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in verschillende Financial Services producten
Interpretaties: De kwetsbaarheden stellen niet-geauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot kritieke gegevens, wat kan leiden tot ongeautoriseerde gegevenstoegang en andere beveiligingsrisico's. Kwaadwillenden kunnen ook gebruik maken van misconfiguraties en kwetsbaarheden in de software om privilege-escalatie, denial-of-service en remote code execution uit te voeren.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-670: Always-Incorrect Control Flow Implementation
CWE-676: Use of Potentially Dangerous Function
CWE-921: Storage of Sensitive Data in a Mechanism without Access Control
CWE-922: Insecure Storage of Sensitive Information
CWE-669: Incorrect Resource Transfer Between Spheres
CWE-178: Improper Handling of Case Sensitivity
CWE-303: Incorrect Implementation of Authentication Algorithm
CWE-732: Incorrect Permission Assignment for Critical Resource
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-680: Integer Overflow to Buffer Overflow
CWE-639: Authorization Bypass Through User-Controlled Key
CWE-404: Improper Resource Shutdown or Release
CWE-284: Improper Access Control
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-400: Uncontrolled Resource Consumption
CWE-502: Deserialization of Untrusted Data
CWE-674: Uncontrolled Recursion
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611: Improper Restriction of XML External Entity Reference
CWE-121: Stack-based Buffer Overflow
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-20: Improper Input Validation
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
5.5 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
5.3 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.3 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
5.7 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
4.4 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
8.1 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
9.8 (Critical)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
4.8 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.4 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
9.8 (Critical)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
6.0 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
7.5 (High)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/8.1.2.7.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.2.7.0 | ||
|
vers:unknown/8.1.3.0
Oracle / Oracle / Financial Services Model Management and Governance
|
vers:unknown/8.1.3.0 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.7.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7.0 | |
|
vers:oracle/8.1.3.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
vers:oracle/8.1.3.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking APIs
|
cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:oracle/21.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.1.0.0.0 | |
|
vers:oracle/22.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.1.0.0.0 | |
|
vers:oracle/22.2.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience
|
cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/22.2.0.0.0 | |
|
vers:unknown/8.0.7.8
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.7.8 | ||
|
vers:unknown/8.0.8.6
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.0.8.6 | ||
|
vers:unknown/8.1.1.4
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.1.4 | ||
|
vers:oracle/8.0.7.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
vers:oracle/8.0.7.8 | |
|
vers:unknown/8.1.2.5
Oracle / Oracle / Financial Services Analytical Applications Infrastructure
|
vers:unknown/8.1.2.5 | ||
|
vers:oracle/8.0.8.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.6 | |
|
vers:oracle/8.1.1.4
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*
|
vers:oracle/8.1.1.4 | |
|
vers:oracle/8.1.2.5
Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.5 | |
|
vers:oracle/5.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/5.1.0.0.0 | |
|
vers:oracle/6.1.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/6.1.0.0.0 | |
|
vers:oracle/7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/7.0.0.0.0 | |
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=2.9.0.0.0|<=7.0.0.0.0 | |
|
vers:semver/5.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/5.1.0.0.0 | ||
|
vers:semver/6.1.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/6.1.0.0.0 | ||
|
vers:semver/7.0.0.0.0
Oracle Corporation / Oracle Financial Services Revenue Management and Billing
|
vers:semver/7.0.0.0.0 | ||
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.4.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Origination
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=14.5.0.0.0|<=14.7.0.0.0 | |
|
vers:unknown/8.0.8.1
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.0.8.1 | ||
|
vers:unknown/8.1.2.7
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.7 | ||
|
vers:unknown/8.1.2.8
Oracle / Oracle / Financial Services Behavior Detection Platform
|
vers:unknown/8.1.2.8 | ||
|
vers:oracle/8.0.8.1
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
vers:oracle/8.0.8.1 | |
|
vers:oracle/8.1.2.7
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.7 | |
|
vers:oracle/8.1.2.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.8 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 | |
|
vers:oracle/8.0.8
Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
vers:oracle/8.0.8 | |
|
vers:unknown/14.7.0.7.0
Oracle / Oracle / Banking Liquidity Management
|
vers:unknown/14.7.0.7.0 | ||
|
vers:oracle/14.7.0.7.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.0.7.0 | |
|
vers:oracle/14.7.5.0.0
Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
vers:oracle/14.7.5.0.0 | |
|
vers:unknown/8.1.2.6
Oracle / Oracle / Financial Services Compliance Studio
|
vers:unknown/8.1.2.6 | ||
|
vers:oracle/8.1.2.6
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.6 | |
|
vers:oracle/8.1.2.9
Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*
|
vers:oracle/8.1.2.9 |
References
20 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in verschillende Financial Services producten",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen niet-geauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot kritieke gegevens, wat kan leiden tot ongeautoriseerde gegevenstoegang en andere beveiligingsrisico\u0027s. Kwaadwillenden kunnen ook gebruik maken van misconfiguraties en kwetsbaarheden in de software om privilege-escalatie, denial-of-service en remote code execution uit te voeren.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
},
{
"category": "general",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "general",
"text": "Storage of Sensitive Data in a Mechanism without Access Control",
"title": "CWE-921"
},
{
"category": "general",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Financial Services",
"tracking": {
"current_release_date": "2025-04-16T15:00:12.952979Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0127",
"initial_release_date": "2025-04-16T15:00:12.952979Z",
"revision_history": [
{
"date": "2025-04-16T15:00:12.952979Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.7.0",
"product": {
"name": "vers:unknown/8.1.2.7.0",
"product_id": "CSAFPID-2698335"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.3.0",
"product": {
"name": "vers:unknown/8.1.3.0",
"product_id": "CSAFPID-1838588"
}
}
],
"category": "product_name",
"name": "Financial Services Model Management and Governance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.0.7.8",
"product": {
"name": "vers:unknown/8.0.7.8",
"product_id": "CSAFPID-1838570"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.0.8.6",
"product": {
"name": "vers:unknown/8.0.8.6",
"product_id": "CSAFPID-1838583"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.1.4",
"product": {
"name": "vers:unknown/8.1.1.4",
"product_id": "CSAFPID-2698354"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.5",
"product": {
"name": "vers:unknown/8.1.2.5",
"product_id": "CSAFPID-1838577"
}
}
],
"category": "product_name",
"name": "Financial Services Analytical Applications Infrastructure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.0.8.1",
"product": {
"name": "vers:unknown/8.0.8.1",
"product_id": "CSAFPID-1199519"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.7",
"product": {
"name": "vers:unknown/8.1.2.7",
"product_id": "CSAFPID-1838573"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.8",
"product": {
"name": "vers:unknown/8.1.2.8",
"product_id": "CSAFPID-1838574"
}
}
],
"category": "product_name",
"name": "Financial Services Behavior Detection Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/14.7.0.7.0",
"product": {
"name": "vers:unknown/14.7.0.7.0",
"product_id": "CSAFPID-2698380"
}
}
],
"category": "product_name",
"name": "Banking Liquidity Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.6",
"product": {
"name": "vers:unknown/8.1.2.6",
"product_id": "CSAFPID-1838589"
}
}
],
"category": "product_name",
"name": "Financial Services Compliance Studio"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.6",
"product": {
"name": "vers:oracle/8.1.2.6",
"product_id": "CSAFPID-1839860",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.7",
"product": {
"name": "vers:oracle/8.1.2.7",
"product_id": "CSAFPID-1839857",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.7.0",
"product": {
"name": "vers:oracle/8.1.2.7.0",
"product_id": "CSAFPID-2699019",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.3.0",
"product": {
"name": "vers:oracle/8.1.3.0",
"product_id": "CSAFPID-1839858",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Model Management and Governance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/21.1.0.0.0",
"product": {
"name": "vers:oracle/21.1.0.0.0",
"product_id": "CSAFPID-2698953",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.1.0.0.0",
"product": {
"name": "vers:oracle/22.1.0.0.0",
"product_id": "CSAFPID-2698951",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.2.0.0.0",
"product": {
"name": "vers:oracle/22.2.0.0.0",
"product_id": "CSAFPID-2698952",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking APIs"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/21.1.0.0.0",
"product": {
"name": "vers:oracle/21.1.0.0.0",
"product_id": "CSAFPID-2698992",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.1.0.0.0",
"product": {
"name": "vers:oracle/22.1.0.0.0",
"product_id": "CSAFPID-2698990",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.2.0.0.0",
"product": {
"name": "vers:oracle/22.2.0.0.0",
"product_id": "CSAFPID-2698994",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Digital Experience"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.7.8",
"product": {
"name": "vers:oracle/8.0.7.8",
"product_id": "CSAFPID-1839976",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.0.8.6",
"product": {
"name": "vers:oracle/8.0.8.6",
"product_id": "CSAFPID-1839966",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.1.4",
"product": {
"name": "vers:oracle/8.1.1.4",
"product_id": "CSAFPID-2699017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.5",
"product": {
"name": "vers:oracle/8.1.2.5",
"product_id": "CSAFPID-1839974",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Analytical Applications Infrastructure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/5.1.0.0.0",
"product": {
"name": "vers:oracle/5.1.0.0.0",
"product_id": "CSAFPID-2699099",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/6.1.0.0.0",
"product": {
"name": "vers:oracle/6.1.0.0.0",
"product_id": "CSAFPID-2699100",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-2699101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=2.9.0.0.0|\u003c=7.0.0.0.0",
"product": {
"name": "vers:oracle/\u003e=2.9.0.0.0|\u003c=7.0.0.0.0",
"product_id": "CSAFPID-1839884",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Revenue Management and Billing"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=14.4.0.0.0|\u003c=14.7.0.0.0",
"product": {
"name": "vers:oracle/\u003e=14.4.0.0.0|\u003c=14.7.0.0.0",
"product_id": "CSAFPID-1839866",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product": {
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product_id": "CSAFPID-2698995",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Corporate Lending Process Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product": {
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product_id": "CSAFPID-1839867",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Origination"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.8.1",
"product": {
"name": "vers:oracle/8.0.8.1",
"product_id": "CSAFPID-1839881",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.7",
"product": {
"name": "vers:oracle/8.1.2.7",
"product_id": "CSAFPID-1839880",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.8",
"product": {
"name": "vers:oracle/8.1.2.8",
"product_id": "CSAFPID-1839882",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.9",
"product": {
"name": "vers:oracle/8.1.2.9",
"product_id": "CSAFPID-2698954",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Behavior Detection Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.8",
"product": {
"name": "vers:oracle/8.0.8",
"product_id": "CSAFPID-1839878",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/14.7.0.7.0",
"product": {
"name": "vers:oracle/14.7.0.7.0",
"product_id": "CSAFPID-2698938",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.7.5.0.0",
"product": {
"name": "vers:oracle/14.7.5.0.0",
"product_id": "CSAFPID-1839923",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Liquidity Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.6",
"product": {
"name": "vers:oracle/8.1.2.6",
"product_id": "CSAFPID-1839871",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.9",
"product": {
"name": "vers:oracle/8.1.2.9",
"product_id": "CSAFPID-2699005",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Compliance Studio"
}
],
"category": "product_family",
"name": "Oracle Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/5.1.0.0.0",
"product": {
"name": "vers:semver/5.1.0.0.0",
"product_id": "CSAFPID-2698450"
}
},
{
"category": "product_version_range",
"name": "vers:semver/6.1.0.0.0",
"product": {
"name": "vers:semver/6.1.0.0.0",
"product_id": "CSAFPID-2698451"
}
},
{
"category": "product_version_range",
"name": "vers:semver/7.0.0.0.0",
"product": {
"name": "vers:semver/7.0.0.0.0",
"product_id": "CSAFPID-2698452"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Revenue Management and Billing"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-28170",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-28170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28170.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2021-28170"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-49582",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49582",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2024-5206",
"cwe": {
"id": "CWE-921",
"name": "Storage of Sensitive Data in a Mechanism without Access Control"
},
"notes": [
{
"category": "other",
"text": "Storage of Sensitive Data in a Mechanism without Access Control",
"title": "CWE-921"
},
{
"category": "other",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5206",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5206.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-5206"
},
{
"cve": "CVE-2024-28168",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28168",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-35195",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "other",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-56128",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"notes": [
{
"category": "other",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56128.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-56128"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-21573",
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21573",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21573.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2025-21573"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json"
}
],
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-24970",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24970",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2025-24970"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…