admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/2xxx/CVE-2019-2904.json
CVE Team 699950d927
"-Synchronized-Data."
2021-04-22 22:00:48 +00:00

111 lines
4.6 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2019-2904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Enterprise Repository",
"version": {
"version_data": [
{
"version_value": "11.1.1.7.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Rapid Planning",
"version": {
"version_data": [
{
"version_value": "12.1.3",
"version_affected": "="
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF."
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-1024/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-1024/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2021.html"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink