cvelist/2019/2xxx/CVE-2019-2725.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2019-2725",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Tape Virtual VSM GUI - Virtual Storage Manager GUI",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "6.2",
                                            "version_affected": "="
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Oracle Corporation"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "BID",
                "name": "108074",
                "url": "http://www.securityfocus.com/bid/108074"
            },
            {
                "url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html",
                "refsource": "MISC",
                "name": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"
            },
            {
                "refsource": "CONFIRM",
                "name": "https://support.f5.com/csp/article/K90059138",
                "url": "https://support.f5.com/csp/article/K90059138"
            },
            {
                "refsource": "EXPLOIT-DB",
                "name": "46780",
                "url": "https://www.exploit-db.com/exploits/46780/"
            },
            {
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html",
                "url": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
            },
            {
                "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
                "refsource": "MISC",
                "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
            }
        ]
    }
}
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`{`
			`"CVE_data_meta": {`
			`"ASSIGNER": "secalert_us@oracle.com",`
			`"ID": "CVE-2019-2725",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
"-Synchronized-Data." 2019-07-23 23:01:24 +00:00			`"product_name": "Tape Virtual VSM GUI - Virtual Storage Manager GUI",`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`"version": {`
			`"version_data": [`
			`{`
"-Synchronized-Data." 2019-07-23 23:01:24 +00:00			`"version_value": "6.2",`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`"version_affected": "="`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
"-Synchronized-Data." 2019-07-23 23:01:24 +00:00			`"vendor_name": "Oracle Corporation"`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`}`
Bill Situ <Bill.Situ@oracle.com> This update is for the Oracle Security Alert Advisory - CVE-2019-2725. On branch cna/Oracle/AlertCVE-2019-2725 Changes to be committed: modified: 2019/2xxx/CVE-2019-2725.json 2019-04-26 11:07:56 -07:00			`]`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
"-Synchronized-Data." 2019-03-18 03:25:45 +00:00			`{`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`"lang": "eng",`
			"value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."
"-Synchronized-Data." 2019-03-18 03:25:45 +00:00			`}`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
Bill Situ <Bill.Situ@oracle.com> This update is for the Oracle Security Alert Advisory - CVE-2019-2725. On branch cna/Oracle/AlertCVE-2019-2725 Changes to be committed: modified: 2019/2xxx/CVE-2019-2725.json 2019-04-26 11:07:56 -07:00			`{`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."`
			`}`
			`]`
Bill Situ <Bill.Situ@oracle.com> This update is for the Oracle Security Alert Advisory - CVE-2019-2725. On branch cna/Oracle/AlertCVE-2019-2725 Changes to be committed: modified: 2019/2xxx/CVE-2019-2725.json 2019-04-26 11:07:56 -07:00			`}`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`]`
			`},`
			`"references": {`
			`"reference_data": [`
"-Synchronized-Data." 2019-05-02 14:00:44 +00:00			`{`
			`"refsource": "BID",`
			`"name": "108074",`
			`"url": "http://www.securityfocus.com/bid/108074"`
			`},`
Bill Situ <Bill.Situ@oracle.com> This update is for the Oracle Security Alert Advisory - CVE-2019-2725. On branch cna/Oracle/AlertCVE-2019-2725 Changes to be committed: modified: 2019/2xxx/CVE-2019-2725.json 2019-04-26 11:07:56 -07:00			`{`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`"url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html",`
			`"refsource": "MISC",`
			`"name": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"`
"-Synchronized-Data." 2019-04-30 14:00:44 +00:00			`},`
			`{`
			`"refsource": "CONFIRM",`
			`"name": "https://support.f5.com/csp/article/K90059138",`
			`"url": "https://support.f5.com/csp/article/K90059138"`
"-Synchronized-Data." 2019-04-30 18:00:43 +00:00			`},`
			`{`
			`"refsource": "EXPLOIT-DB",`
			`"name": "46780",`
			`"url": "https://www.exploit-db.com/exploits/46780/"`
"-Synchronized-Data." 2019-05-07 18:00:49 +00:00			`},`
			`{`
			`"refsource": "MISC",`
			`"name": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html",`
			`"url": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"`
Bill Situ <Bill.Situ@Oracle.com> Oracle Critical Patch Update Advisory - July 2019 update. On branch cna/Oracle/CPU2019Jul Changes to be committed: modified: 2014/0xxx/CVE-2014-0114.json modified: 2015/0xxx/CVE-2015-0226.json modified: 2015/0xxx/CVE-2015-0227.json modified: 2015/9xxx/CVE-2015-9251.json modified: 2016/0xxx/CVE-2016-0701.json modified: 2016/1000xxx/CVE-2016-1000031.json modified: 2016/1xxx/CVE-2016-1181.json modified: 2016/1xxx/CVE-2016-1182.json modified: 2016/2xxx/CVE-2016-2183.json modified: 2016/5xxx/CVE-2016-5007.json modified: 2016/6xxx/CVE-2016-6306.json modified: 2016/6xxx/CVE-2016-6497.json modified: 2016/6xxx/CVE-2016-6814.json modified: 2016/7xxx/CVE-2016-7103.json modified: 2016/8xxx/CVE-2016-8610.json modified: 2016/8xxx/CVE-2016-8735.json modified: 2016/9xxx/CVE-2016-9572.json modified: 2016/9xxx/CVE-2016-9878.json modified: 2017/14xxx/CVE-2017-14735.json modified: 2017/15xxx/CVE-2017-15095.json modified: 2017/3xxx/CVE-2017-3164.json modified: 2017/3xxx/CVE-2017-3735.json modified: 2017/3xxx/CVE-2017-3736.json modified: 2017/3xxx/CVE-2017-3737.json modified: 2017/3xxx/CVE-2017-3738.json modified: 2017/5xxx/CVE-2017-5645.json modified: 2017/5xxx/CVE-2017-5647.json modified: 2017/5xxx/CVE-2017-5664.json modified: 2017/5xxx/CVE-2017-5715.json modified: 2017/7xxx/CVE-2017-7525.json modified: 2018/0xxx/CVE-2018-0732.json modified: 2018/0xxx/CVE-2018-0733.json modified: 2018/0xxx/CVE-2018-0734.json modified: 2018/0xxx/CVE-2018-0735.json modified: 2018/0xxx/CVE-2018-0737.json modified: 2018/0xxx/CVE-2018-0739.json modified: 2018/1000xxx/CVE-2018-1000120.json modified: 2018/1000xxx/CVE-2018-1000121.json modified: 2018/1000xxx/CVE-2018-1000122.json modified: 2018/1000xxx/CVE-2018-1000180.json modified: 2018/1000xxx/CVE-2018-1000301.json modified: 2018/1000xxx/CVE-2018-1000613.json modified: 2018/1000xxx/CVE-2018-1000873.json modified: 2018/11xxx/CVE-2018-11039.json modified: 2018/11xxx/CVE-2018-11040.json modified: 2018/11xxx/CVE-2018-11054.json modified: 2018/11xxx/CVE-2018-11055.json modified: 2018/11xxx/CVE-2018-11056.json modified: 2018/11xxx/CVE-2018-11057.json modified: 2018/11xxx/CVE-2018-11058.json modified: 2018/11xxx/CVE-2018-11307.json modified: 2018/11xxx/CVE-2018-11775.json modified: 2018/11xxx/CVE-2018-11784.json modified: 2018/12xxx/CVE-2018-12022.json modified: 2018/12xxx/CVE-2018-12023.json modified: 2018/14xxx/CVE-2018-14719.json modified: 2018/14xxx/CVE-2018-14720.json modified: 2018/14xxx/CVE-2018-14721.json modified: 2018/15xxx/CVE-2018-15756.json modified: 2018/15xxx/CVE-2018-15769.json modified: 2018/16xxx/CVE-2018-16890.json modified: 2018/17xxx/CVE-2018-17189.json modified: 2018/17xxx/CVE-2018-17197.json modified: 2018/17xxx/CVE-2018-17199.json modified: 2018/17xxx/CVE-2018-17960.json modified: 2018/18xxx/CVE-2018-18311.json modified: 2018/19xxx/CVE-2018-19360.json modified: 2018/19xxx/CVE-2018-19361.json modified: 2018/19xxx/CVE-2018-19362.json modified: 2018/1xxx/CVE-2018-1257.json modified: 2018/1xxx/CVE-2018-1258.json modified: 2018/1xxx/CVE-2018-1270.json modified: 2018/1xxx/CVE-2018-1271.json modified: 2018/1xxx/CVE-2018-1272.json modified: 2018/1xxx/CVE-2018-1275.json modified: 2018/1xxx/CVE-2018-1304.json modified: 2018/1xxx/CVE-2018-1305.json modified: 2018/2xxx/CVE-2018-2883.json modified: 2018/3xxx/CVE-2018-3111.json modified: 2018/3xxx/CVE-2018-3315.json modified: 2018/3xxx/CVE-2018-3316.json modified: 2018/5xxx/CVE-2018-5407.json modified: 2018/7xxx/CVE-2018-7489.json modified: 2018/8xxx/CVE-2018-8013.json modified: 2018/8xxx/CVE-2018-8034.json modified: 2018/8xxx/CVE-2018-8039.json modified: 2018/9xxx/CVE-2018-9861.json modified: 2019/0xxx/CVE-2019-0190.json modified: 2019/0xxx/CVE-2019-0192.json modified: 2019/0xxx/CVE-2019-0196.json modified: 2019/0xxx/CVE-2019-0197.json modified: 2019/0xxx/CVE-2019-0199.json modified: 2019/0xxx/CVE-2019-0211.json modified: 2019/0xxx/CVE-2019-0215.json modified: 2019/0xxx/CVE-2019-0217.json modified: 2019/0xxx/CVE-2019-0220.json modified: 2019/0xxx/CVE-2019-0222.json modified: 2019/0xxx/CVE-2019-0232.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/12xxx/CVE-2019-12086.json modified: 2019/12xxx/CVE-2019-12814.json modified: 2019/1xxx/CVE-2019-1543.json modified: 2019/1xxx/CVE-2019-1559.json modified: 2019/2xxx/CVE-2019-2484.json modified: 2019/2xxx/CVE-2019-2561.json modified: 2019/2xxx/CVE-2019-2569.json modified: 2019/2xxx/CVE-2019-2599.json modified: 2019/2xxx/CVE-2019-2666.json modified: 2019/2xxx/CVE-2019-2668.json modified: 2019/2xxx/CVE-2019-2672.json modified: 2019/2xxx/CVE-2019-2725.json modified: 2019/2xxx/CVE-2019-2727.json modified: 2019/2xxx/CVE-2019-2728.json modified: 2019/2xxx/CVE-2019-2729.json modified: 2019/2xxx/CVE-2019-2730.json modified: 2019/2xxx/CVE-2019-2731.json modified: 2019/2xxx/CVE-2019-2732.json modified: 2019/2xxx/CVE-2019-2733.json modified: 2019/2xxx/CVE-2019-2735.json modified: 2019/2xxx/CVE-2019-2736.json modified: 2019/2xxx/CVE-2019-2737.json modified: 2019/2xxx/CVE-2019-2738.json modified: 2019/2xxx/CVE-2019-2739.json modified: 2019/2xxx/CVE-2019-2740.json modified: 2019/2xxx/CVE-2019-2741.json modified: 2019/2xxx/CVE-2019-2742.json modified: 2019/2xxx/CVE-2019-2743.json modified: 2019/2xxx/CVE-2019-2744.json modified: 2019/2xxx/CVE-2019-2745.json modified: 2019/2xxx/CVE-2019-2746.json modified: 2019/2xxx/CVE-2019-2747.json modified: 2019/2xxx/CVE-2019-2748.json modified: 2019/2xxx/CVE-2019-2749.json modified: 2019/2xxx/CVE-2019-2750.json modified: 2019/2xxx/CVE-2019-2751.json modified: 2019/2xxx/CVE-2019-2752.json modified: 2019/2xxx/CVE-2019-2753.json modified: 2019/2xxx/CVE-2019-2754.json modified: 2019/2xxx/CVE-2019-2755.json modified: 2019/2xxx/CVE-2019-2756.json modified: 2019/2xxx/CVE-2019-2757.json modified: 2019/2xxx/CVE-2019-2758.json modified: 2019/2xxx/CVE-2019-2759.json modified: 2019/2xxx/CVE-2019-2760.json modified: 2019/2xxx/CVE-2019-2761.json modified: 2019/2xxx/CVE-2019-2762.json modified: 2019/2xxx/CVE-2019-2763.json modified: 2019/2xxx/CVE-2019-2764.json modified: 2019/2xxx/CVE-2019-2766.json modified: 2019/2xxx/CVE-2019-2767.json modified: 2019/2xxx/CVE-2019-2768.json modified: 2019/2xxx/CVE-2019-2769.json modified: 2019/2xxx/CVE-2019-2770.json modified: 2019/2xxx/CVE-2019-2771.json modified: 2019/2xxx/CVE-2019-2772.json modified: 2019/2xxx/CVE-2019-2773.json modified: 2019/2xxx/CVE-2019-2774.json modified: 2019/2xxx/CVE-2019-2775.json modified: 2019/2xxx/CVE-2019-2776.json modified: 2019/2xxx/CVE-2019-2777.json modified: 2019/2xxx/CVE-2019-2778.json modified: 2019/2xxx/CVE-2019-2779.json modified: 2019/2xxx/CVE-2019-2780.json modified: 2019/2xxx/CVE-2019-2781.json modified: 2019/2xxx/CVE-2019-2782.json modified: 2019/2xxx/CVE-2019-2783.json modified: 2019/2xxx/CVE-2019-2784.json modified: 2019/2xxx/CVE-2019-2785.json modified: 2019/2xxx/CVE-2019-2786.json modified: 2019/2xxx/CVE-2019-2787.json modified: 2019/2xxx/CVE-2019-2788.json modified: 2019/2xxx/CVE-2019-2789.json modified: 2019/2xxx/CVE-2019-2790.json modified: 2019/2xxx/CVE-2019-2791.json modified: 2019/2xxx/CVE-2019-2792.json modified: 2019/2xxx/CVE-2019-2793.json modified: 2019/2xxx/CVE-2019-2794.json modified: 2019/2xxx/CVE-2019-2795.json modified: 2019/2xxx/CVE-2019-2796.json modified: 2019/2xxx/CVE-2019-2797.json modified: 2019/2xxx/CVE-2019-2798.json modified: 2019/2xxx/CVE-2019-2799.json modified: 2019/2xxx/CVE-2019-2800.json modified: 2019/2xxx/CVE-2019-2801.json modified: 2019/2xxx/CVE-2019-2802.json modified: 2019/2xxx/CVE-2019-2803.json modified: 2019/2xxx/CVE-2019-2804.json modified: 2019/2xxx/CVE-2019-2805.json modified: 2019/2xxx/CVE-2019-2807.json modified: 2019/2xxx/CVE-2019-2808.json modified: 2019/2xxx/CVE-2019-2809.json modified: 2019/2xxx/CVE-2019-2810.json modified: 2019/2xxx/CVE-2019-2811.json modified: 2019/2xxx/CVE-2019-2812.json modified: 2019/2xxx/CVE-2019-2813.json modified: 2019/2xxx/CVE-2019-2814.json modified: 2019/2xxx/CVE-2019-2815.json modified: 2019/2xxx/CVE-2019-2816.json modified: 2019/2xxx/CVE-2019-2817.json modified: 2019/2xxx/CVE-2019-2818.json modified: 2019/2xxx/CVE-2019-2819.json modified: 2019/2xxx/CVE-2019-2820.json modified: 2019/2xxx/CVE-2019-2821.json modified: 2019/2xxx/CVE-2019-2822.json modified: 2019/2xxx/CVE-2019-2823.json modified: 2019/2xxx/CVE-2019-2824.json modified: 2019/2xxx/CVE-2019-2825.json modified: 2019/2xxx/CVE-2019-2826.json modified: 2019/2xxx/CVE-2019-2827.json modified: 2019/2xxx/CVE-2019-2828.json modified: 2019/2xxx/CVE-2019-2829.json modified: 2019/2xxx/CVE-2019-2830.json modified: 2019/2xxx/CVE-2019-2831.json modified: 2019/2xxx/CVE-2019-2832.json modified: 2019/2xxx/CVE-2019-2833.json modified: 2019/2xxx/CVE-2019-2834.json modified: 2019/2xxx/CVE-2019-2835.json modified: 2019/2xxx/CVE-2019-2836.json modified: 2019/2xxx/CVE-2019-2837.json modified: 2019/2xxx/CVE-2019-2838.json modified: 2019/2xxx/CVE-2019-2839.json modified: 2019/2xxx/CVE-2019-2840.json modified: 2019/2xxx/CVE-2019-2841.json modified: 2019/2xxx/CVE-2019-2842.json modified: 2019/2xxx/CVE-2019-2843.json modified: 2019/2xxx/CVE-2019-2844.json modified: 2019/2xxx/CVE-2019-2845.json modified: 2019/2xxx/CVE-2019-2846.json modified: 2019/2xxx/CVE-2019-2847.json modified: 2019/2xxx/CVE-2019-2848.json modified: 2019/2xxx/CVE-2019-2850.json modified: 2019/2xxx/CVE-2019-2852.json modified: 2019/2xxx/CVE-2019-2853.json modified: 2019/2xxx/CVE-2019-2854.json modified: 2019/2xxx/CVE-2019-2855.json modified: 2019/2xxx/CVE-2019-2856.json modified: 2019/2xxx/CVE-2019-2857.json modified: 2019/2xxx/CVE-2019-2858.json modified: 2019/2xxx/CVE-2019-2859.json modified: 2019/2xxx/CVE-2019-2860.json modified: 2019/2xxx/CVE-2019-2861.json modified: 2019/2xxx/CVE-2019-2862.json modified: 2019/2xxx/CVE-2019-2863.json modified: 2019/2xxx/CVE-2019-2864.json modified: 2019/2xxx/CVE-2019-2865.json modified: 2019/2xxx/CVE-2019-2866.json modified: 2019/2xxx/CVE-2019-2867.json modified: 2019/2xxx/CVE-2019-2868.json modified: 2019/2xxx/CVE-2019-2869.json modified: 2019/2xxx/CVE-2019-2870.json modified: 2019/2xxx/CVE-2019-2871.json modified: 2019/2xxx/CVE-2019-2873.json modified: 2019/2xxx/CVE-2019-2874.json modified: 2019/2xxx/CVE-2019-2875.json modified: 2019/2xxx/CVE-2019-2876.json modified: 2019/2xxx/CVE-2019-2877.json modified: 2019/2xxx/CVE-2019-2878.json modified: 2019/2xxx/CVE-2019-2879.json modified: 2019/3xxx/CVE-2019-3822.json modified: 2019/3xxx/CVE-2019-3823.json modified: 2019/5xxx/CVE-2019-5597.json modified: 2019/5xxx/CVE-2019-5598.json modified: 2019/6xxx/CVE-2019-6129.json modified: 2019/7xxx/CVE-2019-7317.json 2019-07-16 13:25:12 -07:00			`},`
			`{`
"-Synchronized-Data." 2019-07-23 23:01:24 +00:00			`"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",`
			`"refsource": "MISC",`
			`"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"`
Bill Situ <Bill.Situ@oracle.com> This update is for the Oracle Security Alert Advisory - CVE-2019-2725. On branch cna/Oracle/AlertCVE-2019-2725 Changes to be committed: modified: 2019/2xxx/CVE-2019-2725.json 2019-04-26 11:07:56 -07:00			`}`
"-Synchronized-Data." 2019-04-26 19:00:47 +00:00			`]`
			`}`
			`}`