CVE-2023-2976 in Oracle Utilities Network Management Systeminfo

Summary

Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.

Responsible

Google Inc.

Reservation

05/30/2023

Disclosure

06/14/2023

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
251318	Oracle Utilities Network Management System User file access	552	Not defined	Official fix	CVE-2023-2976
251306	Oracle Agile PLM Security file access	552	Not defined	Official fix	CVE-2023-2976
251292	Oracle PeopleSoft Enterprise PeopleTools Open Search/Elastic Search/File Processing file access	552	Not defined	Official fix	CVE-2023-2976
251183	Oracle JDeveloper ADF Faces file access	552	Not defined	Official fix	CVE-2023-2976
251182	Oracle Business Process Management Suite SOA file access	552	Not defined	Official fix	CVE-2023-2976
251138	Oracle FLEXCUBE Investor Servicing Infrastructure Code file access	552	Not defined	Official fix	CVE-2023-2976
251136	Oracle Financial Services Lending and Leasing Internal Operations file access	552	Not defined	Official fix	CVE-2023-2976
251135	Oracle Financial Services Behavior Detection Platform Application file access	552	Not defined	Official fix	CVE-2023-2976
251134	Oracle Financial Services Analytical Applications Infrastructure file access	552	Not defined	Official fix	CVE-2023-2976
251133	Oracle Banking Virtual Account Management Common Core file access	552	Not defined	Official fix	CVE-2023-2976
251132	Oracle Banking Party Management Web UI file access	552	Not defined	Official fix	CVE-2023-2976
251131	Oracle Banking Enterprise Default Management Collections file access	552	Not defined	Official fix	CVE-2023-2976
251130	Oracle Banking Collections and Recovery Infrastructure file access	552	Not defined	Official fix	CVE-2023-2976
251055	Oracle Primavera Unifier Platform file access	552	Not defined	Official fix	CVE-2023-2976
251054	Oracle Primavera P6 Enterprise Project Portfolio Management Web file access	552	Not defined	Official fix	CVE-2023-2976
251041	Oracle Communications Diameter Signaling Router Platform file access	552	Not defined	Official fix	CVE-2023-2976
250986	Oracle Communications Service Catalog and Design PSR Designer file access	552	Not defined	Official fix	CVE-2023-2976
250985	Oracle Communications Messaging Server Security file access	552	Not defined	Official fix	CVE-2023-2976
250984	Oracle Communications Convergence Application file access	552	Not defined	Official fix	CVE-2023-2976
250983	Oracle Communications BRM - Elastic Charging Engine file access	552	Not defined	Official fix	CVE-2023-2976
242809	Oracle Retail Integration Bus RIB Kernal file access	552	Not defined	Official fix	CVE-2023-2976
242808	Oracle Retail Financial Integration PeopleSoft Integration Bugs file access	552	Not defined	Official fix	CVE-2023-2976
242807	Oracle Retail Customer Management and Segmentation Foundation Security file access	552	Not defined	Official fix	CVE-2023-2976
242763	Oracle MySQL Enterprise Monitor Monitoring file access	552	Not defined	Official fix	CVE-2023-2976
242713	Oracle WebLogic Server Centralized Thirdparty Jars file access	552	Not defined	Official fix	CVE-2023-2976
242710	Oracle Fusion Middleware MapViewer Install file access	552	Not defined	Official fix	CVE-2023-2976
242620	Oracle FLEXCUBE Enterprise Limits and Collateral Management Infrastructure file access	552	Not defined	Official fix	CVE-2023-2976
242619	Oracle Banking Trade Finance Process Management Dashboard file access	552	Not defined	Official fix	CVE-2023-2976
242618	Oracle Banking Supply Chain Finance Security file access	552	Not defined	Official fix	CVE-2023-2976
242617	Oracle Banking Payments Core file access	552	Not defined	Official fix	CVE-2023-2976
242616	Oracle Banking Origination Onboarding Batch Processes file access	552	Not defined	Official fix	CVE-2023-2976
242615	Oracle Banking Liquidity Management Common file access	552	Not defined	Official fix	CVE-2023-2976
242614	Oracle Banking Digital Experience UI file access	552	Not defined	Official fix	CVE-2023-2976
242613	Oracle Banking Credit Facilities Process Management Common file access	552	Not defined	Official fix	CVE-2023-2976
242612	Oracle Banking Corporate Lending Process Management Core file access	552	Not defined	Official fix	CVE-2023-2976
242611	Oracle Banking Corporate Lending Core file access	552	Not defined	Official fix	CVE-2023-2976
242610	Oracle Banking Cash Management Accessibility file access	552	Not defined	Official fix	CVE-2023-2976
242609	Oracle Banking Branch Reports file access	552	Not defined	Official fix	CVE-2023-2976
242608	Oracle Banking APIs IDM Authentication file access	552	Not defined	Official fix	CVE-2023-2976
242566	Oracle Primavera Gateway Admin file access	552	Not defined	Official fix	CVE-2023-2976
242528	Oracle Communications Session Report Manager General file access	552	Not defined	Official fix	CVE-2023-2976
242527	Oracle Communications Policy Management CMP file access	552	Not defined	Official fix	CVE-2023-2976
242526	Oracle Communications Element Manager General file access	552	Not defined	Official fix	CVE-2023-2976
242525	Oracle Communications Cloud Native Core Unified Data Repository Signaling file access	552	Not defined	Official fix	CVE-2023-2976
242524	Oracle Communications Cloud Native Core Security Edge Protection Proxy Configuration file access	552	Not defined	Official fix	CVE-2023-2976
242523	Oracle Communications Cloud Native Core Policy Alarms/KPI/Measurements file access	552	Not defined	Official fix	CVE-2023-2976
242522	Oracle Communications Cloud Native Core Network Repository Function Install/Upgrade file access	552	Not defined	Official fix	CVE-2023-2976
242521	Oracle Communications Cloud Native Core Network Exposure Function Platform file access	552	Not defined	Official fix	CVE-2023-2976
242520	Oracle Communications Cloud Native Core Console Configuration file access	552	Not defined	Official fix	CVE-2023-2976
242519	Oracle Communications Cloud Native Core Binding Support Function Install/Upgrade file access	552	Not defined	Official fix	CVE-2023-2976

1 More entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 1 results.

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!