mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
850 lines
30 KiB
JSON
850 lines
30 KiB
JSON
{
|
|
"id": "CVE-2019-16942",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2019-10-01T17:15:10.323",
|
|
"lastModified": "2024-11-21T04:31:23.477",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se descubri\u00f3 un problema de escritura polim\u00f3rfica en FasterXML jackson-databind versi\u00f3n 2.0.0 hasta 2.9.10. Cuando la Escritura Predeterminada est\u00e1 habilitada (tanto globalmente o para una propiedad espec\u00edfica) para un end point JSON expuesto externamente y el servicio posee el jar commons-dbcp (versi\u00f3n 1.4) en el classpath, y un atacante puede encontrar un end point de servicio RMI para acceder, es posible lograr que el servicio ejecute una carga maliciosa. Este problema se presenta debido a un manejo inapropiado de org.apache.commons.dbcp.datasources.SharedPoolDataSource y org.apache.commons.dbcp.datasources.PerUserPoolDataSource"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 7.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-502"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.0.0",
|
|
"versionEndExcluding": "2.6.7.3",
|
|
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.8.0",
|
|
"versionEndExcluding": "2.8.11.5",
|
|
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.9.0",
|
|
"versionEndExcluding": "2.9.10.1",
|
|
"matchCriteriaId": "18324CA7-89A0-4212-B603-E9C3DD998219"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0952BA1A-5DF9-400F-B01F-C3A398A8A2D4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B4911A72-5FAE-47C5-A141-2E3CA8E1CCAB"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:*",
|
|
"versionStartIncluding": "7.3",
|
|
"matchCriteriaId": "9FBC1BD0-FF12-4691-8751-5F245D991989"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
|
|
"versionStartIncluding": "7.3",
|
|
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
|
|
"versionStartIncluding": "9.5",
|
|
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5EC98B22-FFAA-4B59-8E63-EBAA4336AD13"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7081652A-D28B-494E-94EF-CA88117F23EE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2BEE49E-A5AA-42D3-B422-460454505480"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4FF66F7-10C8-4A1C-910A-EF7D12A4284C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "35AD0C07-9688-4397-8D45-FBB88C0F0C11"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8972497F-6E24-45A9-9A18-EB0E842CB1D4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "400509A8-D6F2-432C-A2F1-AD5B8778D0D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "132CE62A-FBFC-4001-81EC-35D81F73AF48"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "282150FF-C945-4A3E-8A80-E8757A8907EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "645AA3D1-C8B5-4CD2-8ACE-31541FA267F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AB9FC9AB-1070-420F-870E-A5EC43A924A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "790A89FD-6B86-49AE-9B4F-AE7262915E13"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E39D442D-1997-49AF-8B02-5640BE2A26CC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "559579F1-3975-45C5-9F62-2F0A5AF13E84"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50882F8D-9740-4CC0-B2C6-CCE4F6D90C7C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ADE6EF8F-1F05-429B-A916-76FDB20CEB81"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "987811D5-DA5E-493D-8709-F9231A84E5F9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database_server:12.2.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5C614BA7-7103-4ED7-ADD0-56064FE256A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6833701E-5510-4180-9523-9CFD318DEE6A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2204841-585F-40C7-A1D9-C34E612808CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "08A37FE9-B626-48C3-8FE0-D4F1A559E0B8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6495B29F-3DA2-4628-9CC0-39617871F3AD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5A6FFB5C-EB44-499F-BE81-24ED2B1F201A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7BE0590-31BD-4FCD-B50E-A5F86196F99E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "989598A3-7012-4F57-B172-02404E20D16D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.12.0",
|
|
"versionEndIncluding": "17.12.6",
|
|
"matchCriteriaId": "BA6FCD1C-9093-4630-8016-B70F25C34358"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "18.8.0",
|
|
"versionEndIncluding": "18.8.8",
|
|
"matchCriteriaId": "597495A7-FE17-4B31-804D-B28C2B872B4D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B201A85E-1310-46B8-8A3B-FF7675F84E09"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.7",
|
|
"versionEndIncluding": "17.12",
|
|
"matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D55A54FD-7DD1-49CD-BE81-0BE73990943C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "82EB08C0-2D46-4635-88DF-E54F6452D3A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7C9BB48-50B2-4735-9E2F-E492C708C36D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4A848888-0A4A-4B6D-8176-9A2685B37AC2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F8383028-B719-41FD-9B6A-71F8EB4C5F8D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DA6E92C-AC3B-40CF-96AE-22CD8769886F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:siebel_engineering_-_installer_\\&_deployment:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "2.20.5",
|
|
"matchCriteriaId": "A83C7FAE-9848-427E-88F8-BFA24134A84B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "20.5",
|
|
"matchCriteriaId": "F510ED6D-7BF8-4548-BF0F-3CF926EB135E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:20.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E66708CA-D7AC-4FE8-97D5-E8998A40CC85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D6A4F71A-4269-40FC-8F61-1D1301F2B728"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5A502118-5B2B-47AE-82EC-1999BD841103"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D551CAB1-4312-44AA-BDA8-A030817E153A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "174A6D2E-E42E-4C92-A194-C6A820CD7EF4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2019:3901",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0159",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0160",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0161",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0164",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0445",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://github.com/FasterXML/jackson-databind/issues/2478",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://issues.apache.org/jira/browse/GEODE-7255",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5%40%3Cissues.geode.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954%40%3Cissues.geode.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370%40%3Cissues.geode.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://seclists.org/bugtraq/2019/Oct/6",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://security.netapp.com/advisory/ntap-20191017-0006/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.debian.org/security/2019/dsa-4542",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com//security-alerts/cpujul2021.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2019:3901",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0159",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0160",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0161",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0164",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0445",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://github.com/FasterXML/jackson-databind/issues/2478",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://issues.apache.org/jira/browse/GEODE-7255",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5%40%3Cissues.geode.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954%40%3Cissues.geode.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370%40%3Cissues.geode.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://seclists.org/bugtraq/2019/Oct/6",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://security.netapp.com/advisory/ntap-20191017-0006/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.debian.org/security/2019/dsa-4542",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com//security-alerts/cpujul2021.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |