Oracle Fusion Middleware Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

8.3.726
8.3.524
11.1.1.512
10.1.3.6.010
11.1.1.3.010

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix140
Temporary Fix0
Workaround0
Unavailable0
Not Defined70

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High4
Functional0
Proof-of-Concept14
Unproven22
Not Defined170

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local44
Adjacent2
Network164

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High2
Low38
None170

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required16
None194

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤32
≤440
≤526
≤680
≤718
≤822
≤910
≤1012

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤38
≤436
≤538
≤670
≤726
≤816
≤96
≤1010

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤32
≤440
≤526
≤684
≤716
≤826
≤94
≤1012

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤52
≤62
≤76
≤810
≤92
≤1012

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤92
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤62
≤74
≤84
≤92
≤108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k0
<2k4
<5k20
<10k76
<25k76
<50k32
<100k0
≥100k2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k128
<2k18
<5k20
<10k28
<25k16
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Versions (103): 2.0, 2.1.1, 2.2.2, 2.3, 2.4, 3.0, 3.0.0.4, 3.0.0.11, 3.0.1, 3.1, 3.1.2, 6.0, 6.1, 6.2, 6.3, 7, 7.0.1, 7.0.2, 7.0.3, 7.3, 7.4, 7.5.1.1, 7.5.2, 7.6, 7.6.1, 7.6.2, 8.1, 8.1.6, 8.3, 8.3.1, 8.3.2, 8.3.3, 8.3.4, 8.3.5, 8.3.7, 8.4, 8.5, 8.5.1, 8.5.2, 9.0, 9.1.0.4, 9.2.3, 9.2.4, 10.0.2, 10.1.2.3, 10.1.3.1, 10.1.3.4, 10.1.3.4.1, 10.1.3.4.2, 10.1.3.5, 10.1.3.5.1, 10.1.3.6, 10.1.4.0.1, 10.1.4.3, 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.4.2, 10.3.5, 10.3.6, 11.1, 11.1.1, 11.1.1.1, 11.1.1.2, 11.1.1.3, 11.1.1.4, 11.1.1.5, 11.1.1.6, 11.1.1.6.1, 11.1.1.6.2, 11.1.1.7, 11.1.1.7.4, 11.1.1.8, 11.1.1.9, 11.1.2, 11.1.2.1, 11.1.2.2, 11.1.2.3, 11.1.2.4, 12.1.0.5, 12.1.1, 12.1.2, 12.1.3, 12.2.1.1, 12.2.1.2, 12.2.1.3, 12.2.1.4, 12.2.2, 13.2, 13.3, 27.7, 27.7.1, 27.7.2, 27.7.3, 28.2, 28.2.1, 28.2.2, 28.2.3, 28.2.4, EECS 2.0.6.2.3, MSS 3.0

Link to Product Website: https://www.oracle.com

Software Type: Middleware

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
07/20/20216.76.4Oracle Fusion Middleware MapViewer Apache Batik input validation$5k-$25k$0-$5kNot DefinedOfficial Fix0.01CVE-2020-11987
04/21/20216.15.8Oracle Fusion Middleware MapViewer Install cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-11022
04/21/20217.37.0Oracle Fusion Middleware Centralized Thirdparty Jars deserialization$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2019-10086
04/21/20217.57.2Oracle Fusion Middleware MapViewer Install server-side request forgery$5k-$25k$0-$5kNot DefinedOfficial Fix0.01CVE-2019-17566
04/21/20217.77.3Oracle Fusion Middleware Centralized Thirdparty Jars Privilege Escalation$25k-$100k$0-$5kNot DefinedOfficial Fix0.01CVE-2020-5421
04/21/20219.89.4Oracle Fusion Middleware Centralized Thirdparty Jars xml external entity reference$25k-$100k$5k-$25kNot DefinedOfficial Fix0.01CVE-2020-10683
04/21/20216.56.2Oracle Enterprise Manager for Fusion Middleware FMW Control Plugin denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-2134
04/21/20217.37.0Oracle Enterprise Manager for Fusion Middleware FMW Control Plugin Remote Code Execution$5k-$25k$0-$5kNot DefinedOfficial Fix0.06CVE-2021-2008
01/20/20217.37.0Oracle Fusion Middleware MapViewer Install deserialization$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2019-10086
01/19/20214.84.7Oracle Fusion Middleware MapViewer Install path traversal$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-29425
01/19/20218.38.1Oracle Fusion Middleware Centralized Third-party Jars Remote Code Execution$25k-$100k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-2351
07/15/20203.73.6Oracle Fusion Middleware MapViewer Install certificate validation$5k-$25k$0-$5kNot DefinedOfficial Fix0.01CVE-2020-9488
07/15/20206.15.8Oracle Fusion Middleware MapViewer Tile Server cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-14607
07/15/20208.27.8Oracle Fusion Middleware MapViewer Tile Server unknown vulnerability$5k-$25k$0-$5kNot DefinedOfficial Fix0.01CVE-2020-14608
07/15/20208.48.0Oracle Enterprise Manager for Fusion Middleware Coherence Management server-side request forgery$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2019-0227
04/15/20206.15.8Oracle Fusion Middleware MapViewer Install cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2019-11358
04/15/20209.89.4Oracle Fusion Middleware MapViewer Install xml external entity reference$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2019-13990
01/15/20206.05.7Oracle Enterprise Manager for Fusion Middleware APM Mesh denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.01CVE-2020-2614
07/16/20197.57.2Oracle Enterprise Manager for Fusion Middleware Apache Commons FileUpload risky encryption$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2018-1000180
06/18/20199.08.6Oracle Fusion Middleware WebLogic Server access control$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2019-2729
04/26/20199.89.8Oracle Fusion Middleware WebLogic Server access control$5k-$25k$0-$5kHighNot Defined0.00CVE-2019-2725
04/16/20196.15.8Oracle Fusion Middleware MapViewer Install Local Privilege Escalation$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2015-9251
01/16/20199.89.4Oracle Fusion Middleware MapViewer Freeimage access control$25k-$100k$5k-$25kNot DefinedOfficial Fix0.01CVE-2016-1000031
10/16/20186.15.8Oracle Fusion Middleware MapViewer Install cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2017-14735
07/18/20185.35.1Oracle Fusion Middleware Nofication Service access control$5k-$25k$0-$5kNot DefinedOfficial Fix0.01CVE-2018-3108

185 more entries are not shown

more entries by Oracle

Interested in the pricing of exploits?

See the underground prices here!