cve-2018-8032
Vulnerability from cvelistv5
Published
2018-08-02 13:00
Modified
2024-09-16 16:29
Severity ?
Summary
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
References
security@apache.orghttp://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E
security@apache.orghttps://issues.apache.org/jira/browse/AXIS-2924Issue Tracking, Patch, Vendor Advisory
security@apache.orghttps://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E
security@apache.orghttps://lists.debian.org/debian-lts-announce/2021/11/msg00015.htmlMailing List, Third Party Advisory
security@apache.orghttps://security.netapp.com/advisory/ntap-20240621-0006/
security@apache.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuapr2020.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpujul2020.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpujul2022.html
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E
af854a3a-2127-422b-91ae-364da2661108https://issues.apache.org/jira/browse/AXIS-2924Issue Tracking, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/11/msg00015.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20240621-0006/
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujul2020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujul2022.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlPatch, Third Party Advisory
Impacted products
Vendor Product Version
Apache Software Foundation Apache Axis Version: 1.x up to and including 1.4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T06:46:12.311Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[axis-java-dev] 20180708 [jira] [Created] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E",
               },
               {
                  name: "[axis-java-dev] 20190925 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E",
               },
               {
                  name: "[axis-java-dev] 20190929 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujul2020.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2020.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://issues.apache.org/jira/browse/AXIS-2924",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2021.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  name: "[debian-lts-announce] 20211117 [SECURITY] [DLA 2821-1] axis security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujul2022.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20240621-0006/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Axis",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "1.x up to and including 1.4",
                  },
               ],
            },
         ],
         datePublic: "2018-07-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Cross-site Scripting",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-21T19:08:01.869746",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "[axis-java-dev] 20180708 [jira] [Created] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
               tags: [
                  "mailing-list",
               ],
               url: "http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E",
            },
            {
               name: "[axis-java-dev] 20190925 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E",
            },
            {
               name: "[axis-java-dev] 20190929 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpujul2020.html",
            },
            {
               url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpujan2020.html",
            },
            {
               url: "https://issues.apache.org/jira/browse/AXIS-2924",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpujan2021.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               name: "[debian-lts-announce] 20211117 [SECURITY] [DLA 2821-1] axis security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpujul2022.html",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20240621-0006/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2018-8032",
      datePublished: "2018-08-02T13:00:00Z",
      dateReserved: "2018-03-09T00:00:00",
      dateUpdated: "2024-09-16T16:29:01.816Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2018-8032\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2018-08-02T13:29:00.363\",\"lastModified\":\"2024-11-21T04:13:08.053\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.\"},{\"lang\":\"es\",\"value\":\"Apache Axis en versiones 1.x hasta la 1.4 (incluida) es vulnerable a un ataque de Cross-Site Scripting (XSS) en el servlet/services por defecto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:axis:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0\",\"versionEndIncluding\":\"1.4\",\"matchCriteriaId\":\"5114D26C-501B-4F51-B12C-D8A4537BEC80\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80C9DBB8-3D50-4D5D-859A-B022EB7C2E64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_framework:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8454A130-2E9B-4528-A24D-1B3D0FFCC860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F17843-32EA-4C31-B65C-F424447BEF7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A125E817-F974-4509-872C-B71933F42AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_asap_cartridges:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CE3535-FC9D-4FB2-8739-19E7477B07FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_asap_cartridges:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A06A98-0374-4B56-9045-D939F30BF479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.3.4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"313F42E5-1BBB-4773-A153-B114C3FDF701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.3.5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC75FE72-6C3F-428E-9C9A-60982455238B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.4.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B370B017-2E3B-438B-86B9-EEF70E3A5D3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.4.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C81E5E-3C53-4731-96C3-0F5767874B11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5503EC-63B6-47EB-AE37-14DD317DDDD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A99F85F8-F374-48B0-9534-BB9C07AFE76E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C57FD3A-0CC1-4BA9-879A-8C4A40234162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"698FB6D0-B26F-4760-9B9B-1C65FBFF2126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB92D8A7-2ABD-4B70-A32C-4B6B866C5B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B21E6EEF-2AB7-4E96-B092-1F49D11B4175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_order_and_service_management:7.3.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB472856-38AB-4062-B752-E204B177DE72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F015E20-7886-4713-B4EC-FE7894066D09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DDF6809-53A7-4F7D-9FA8-B522BE8F7A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA86A15F-FAB8-4DF5-95AC-DA3D1CF7A720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB43DFD4-D058-4001-BD19-488E059F4532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E2E5C-44EB-4C07-B298-C04189533996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B042935-BC42-4CA8-9379-7F0F894F9653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B374F86-4EC8-4797-A8C3-5C1FF1DFC9F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5682DAEB-3810-4541-833A-568C868BCE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9AED-F81D-4344-AD97-EEF19B6EA8C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D03A8C9-35A5-4B75-9711-7A4A60457307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E39918-B2D6-43F0-A607-8FD8BFF6F340\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7582B307-3899-4BBB-B868-BC912A4D0109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14480702-4398-4C28-82A6-E7329FB3B650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.3\",\"versionEndIncluding\":\"7.3.5\",\"matchCriteriaId\":\"B5BC32AA-78BE-468B-B92A-5A0FFFA970FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.0.8\",\"matchCriteriaId\":\"F6E8C634-FC3E-418F-8D7D-B71E1A3E2DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_compliance_regulatory_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.6\",\"versionEndIncluding\":\"8.0.8\",\"matchCriteriaId\":\"1DDD1A52-5794-4837-847C-E5F073330774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.2\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"547D042E-51DE-430D-B4BA-F0698646BC80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87416B3B-3B2B-486B-B931-19199EF07000\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1102B6BC-D99E-4AC0-9375-FB8517A4A71F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D22386C-FEC4-4984-8E2A-8FE4796BEFBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B283B614-9E31-4148-8688-B0672B3A77B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6762F207-93C7-4363-B2F9-7A7C6F8AF993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3DC116-2844-47A1-BEC2-D0675DD97148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:internet_directory:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68F2A706-3250-4026-9498-CB4B38B23CEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:internet_directory:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7360EC9B-814F-4FF5-AA9D-9E55A380B2C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.6.0\",\"versionEndIncluding\":\"8.6.3\",\"matchCriteriaId\":\"9E587602-BA7D-4087-BE29-ACE0B01BD590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_human_resources:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"344A3A9E-3113-4096-B9F8-CA0AD705242B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DFB9704-6B99-4113-8537-E4AE0F791B86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F5647E5-B051-41A6-B186-3584C725908B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A0F1AF-F2E6-44E7-8E2D-190E103B72D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D53690D-3390-4A27-988A-709CD89DD05B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:real-time_decision_server:3.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD2288B1-FF5E-46BC-8551-4CC6B046A0D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8CF045-09BB-4069-BCEC-496D5AE3B780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38E74E68-7F19-4EF3-AC00-3C249EAAA39E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0ED83E3-E6BF-4EAA-AF8F-33485A88A218\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5265C91-FF5C-4451-A7C2-D388A65ACFA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B933E8-DBC4-4443-B837-BA8BAF8CC249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"21.0\",\"matchCriteriaId\":\"EAC9E8DC-5139-4420-9BD6-0B5F2FA3150E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92A6A7BA-CCE6-426F-8434-7A578A245180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tuxedo:12.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBC28867-E828-4ABC-BE7B-3E5C2E826879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://issues.apache.org/jira/browse/AXIS-2924\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.apache.org/jira/browse/AXIS-2924\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.