Oracle Communications Element Manager 8.2.0/8.2.1/8.2.2 denial of service

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in Oracle Communications Element Manager 8.2.0/8.2.1/8.2.2 (Cloud Software). Affected is an unknown functionality. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field11/21/2020 07:34 AM11/22/2020 04:00 PM11/22/2020 04:06 PM
vendorOracleOracleOracle
nameCommunications Element ManagerCommunications Element ManagerCommunications Element Manager
cveCVE-2019-12402CVE-2019-12402CVE-2019-12402
risk222
cwe404 (denial of service)404 (denial of service)404 (denial of service)
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aHHH
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
version8.2.0/8.2.1/8.2.28.2.0/8.2.1/8.2.28.2.0/8.2.1/8.2.2
urlhttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.html
date1603144800 (10/20/2020)1603144800 (10/20/2020)1603144800 (10/20/2020)
identifierOracle Critical Patch Update Advisory - October 2020Oracle Critical Patch Update Advisory - October 2020Oracle Critical Patch Update Advisory - October 2020
nameUpgradeUpgradeUpgrade
date1603144800 (10/20/2020)1603144800 (10/20/2020)1603144800 (10/20/2020)
typeCloud SoftwareCloud SoftwareCloud Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiCCC
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore7.87.87.8
cvss2_vuldb_tempscore6.86.86.8
cvss3_vuldb_basescore7.57.57.5
cvss3_vuldb_tempscore7.27.27.2
cvss3_meta_basescore7.57.57.5
cvss3_meta_tempscore7.27.27.2
price_0day$5k-$25k$5k-$25k$5k-$25k
cvss2_nvd_basescore5.05.05.0
cvss3_nvd_basescore7.57.57.5
cve_assigned15589944001558994400
cve_nvd_summaryThe file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciN
cvss2_nvd_iiN
cvss2_nvd_aiP

Do you know our Splunk app?

Download it now for free!