Oracle Application Server Schwachstellen

Zeitverlauf

Vergangenes Jahr

Version

9.0.4.3	24
15.0.3	12
16.0.3	10
7.1	9
9.0.2.3	9

Massnahmen

Official Fix	112
Temporary Fix	0
Workaround	3
Unavailable	1
Not Defined	91

Ausnutzbarkeit

High	1
Functional	0
Proof-of-Concept	91
Unproven	0
Not Defined	115

Zugriffsart

Not Defined	0
Physical	0
Local	30
Adjacent	0
Network	177

Authentisierung

Not Defined	0
High	1
Low	40
None	166

Benutzeraktivität

Not Defined	0
Required	32
None	175

CVSSv3 Base

≤1	0
≤2	0
≤3	2
≤4	13
≤5	14
≤6	56
≤7	16
≤8	45
≤9	28
≤10	33

CVSSv3 Temp

≤1	0
≤2	0
≤3	3
≤4	15
≤5	28
≤6	44
≤7	35
≤8	34
≤9	26
≤10	22

VulDB

≤1	0
≤2	0
≤3	2
≤4	13
≤5	14
≤6	56
≤7	15
≤8	45
≤9	27
≤10	35

NVD

≤1	0
≤2	0
≤3	0
≤4	1
≤5	1
≤6	7
≤7	8
≤8	12
≤9	7
≤10	11

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	1
≤7	0
≤8	1
≤9	1
≤10	1

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	3
≤7	1
≤8	5
≤9	6
≤10	10

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	0
<5k	5
<10k	55
<25k	75
<50k	61
<100k	9
≥100k	2

Exploit heute

<1k	151
<2k	26
<5k	13
<10k	9
<25k	8
<50k	0
<100k	0
≥100k	0

Affected Versions (105): 0.9.8, 1, 1.0, 1.0.1, 1.0.2, 1.0.2.0.1, 1.0.2.1s, 1.0.2.2, 1.1.8.26, 2, 2.0.0.1, 2.0.0.2, 2.1, 2.1.1, 3, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.1, 3.1.1, 3.1.2, 4.0, 4.0.8, 4.0.8.2, 5.1, 5.6.2, 6.0, 6.0.8.26 Ps17, 6.0.8.26(ps17), 6.1, 6.2, 7, 7.0, 7.0.4.3, 7.0.4.4, 7.1, 7.4.9, 8, 8.0, 8.1, 8.1.7, 8.1.9, 8.2, 8.3, 9, 9.0, 9.0.0.4, 9.0.1, 9.0.2, 9.0.2.0.1, 9.0.2.3, 9.0.3, 9.0.3.1, 9.0.4, 9.0.4.1, 9.0.4.2, 9.0.4.3, 9.2.0.1, 9.2.0.6, 9.2.1, 10.1.0.4.2, 10.1.0.5, 10.1.2, 10.1.2.0.1, 10.1.2.0.2, 10.1.2.2, 10.1.2.3, 10.1.3, 10.1.3.1, 10.1.3.2, 10.1.3.3, 10.1.3.4, 10.1.3.4.1, 10.1.4.1, 10g, 12.1.3, 13.1, 13.2, 13.3, 13.3.3, 13.4, 13.4.3, 14.0, 14.0.3, 14.0.3.26, 14.1, 14.1.3, 14.1.3.37, 14.1.3.46, 14.1.3.47, 15.0, 15.0.2, 15.0.3, 15.0.3.1, 15.0.3.115, 15.0.3.116, 16, 16.0, 16.0.3, 16.0.3.24, 16.0.3.26

Link to Product Website: https://www.oracle.com

Softwaretyp: Application Server Software

Veröffentlicht	Base	Temp	Schwachstelle	0day	Heute	Aus	Mas	CTI	CVE
18.07.2023	6.5	6.3	Oracle Retail Predictive Application Server RPAS Server Denial of Service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-20863
18.07.2023	7.0	6.9	Oracle Communications Converged Application Server - Service Controller Third Party Denial of Service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-1436
18.04.2023	9.8	9.6	Oracle Retail Predictive Application Server RPAS Server Pufferüberlauf	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2022-37434
18.04.2023	8.1	8.0	Oracle Retail Predictive Application Server RPAS Server schwache Verschlüsselung	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2020-35168
17.01.2023	9.8	9.6	Oracle Communications Converged Application Server Core Remote Code Execution	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2023-21890
19.10.2022	6.5	6.3	Oracle Retail Predictive Application Server RPAS Server Denial of Service	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-22971
19.10.2022	7.5	7.3	Oracle Communications Evolved Communications Application Server Platform Denial of Service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-36518
19.10.2022	7.5	7.3	Oracle Communications Converged Application Server-Service Controller Platform Denial of Service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-28165
19.04.2022	6.6	6.4	Oracle Communications Evolved Communications Application Server SDC/SCF erweiterte Rechte	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-44832
19.10.2021	5.5	5.4	Oracle Retail Predictive Application Server Apache Ant Denial of Service	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-36374
19.10.2021	7.8	7.6	Oracle Retail Predictive Application Server Spring Framework erweiterte Rechte	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-22118
19.10.2021	5.3	5.2	Oracle Communications Converged Application Server - Service Controller Apache Commons IO Information Disclosure	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-29425
20.07.2021	5.5	5.3	Oracle Communications Evolved Communications Application Server Apache Groovy Information Disclosure	$0-$5k	Wird berechnet	Not Defined	Official Fix	0.00	CVE-2020-17521
20.07.2021	7.3	7.0	Oracle Communications Evolved Communications Application Server Apache Commons BeanUtils erweiterte Rechte	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2019-10086
20.07.2021	7.5	7.2	Oracle Communications Evolved Communications Application Server jackson-databind XML External Entity	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-25649
21.04.2021	6.5	6.2	Oracle Retail Predictive Application Server RPAS Server Information Disclosure	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2019-3740
21.04.2021	7.3	7.0	Oracle Retail Predictive Application Server RPAS Fusion Client erweiterte Rechte	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2019-10086
21.04.2021	7.5	7.2	Oracle Retail Predictive Application Server RPAS Fusion Client unbekannte Schwachstelle	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-11979
21.04.2021	7.7	7.3	Oracle Retail Predictive Application Server RPAS Fusion Client Privilege Escalation	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-5421
21.04.2021	7.5	7.2	Oracle Application Server OpenSSL Denial of Service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-1967
21.04.2021	4.8	4.6	Oracle Communications Converged Application Server SC Admin server unbekannte Schwachstelle	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-27218
19.01.2021	5.9	5.8	Oracle Retail Predictive Application Server RPAS Server Denial of Service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-45105
19.01.2021	8.3	8.1	Oracle Retail Predictive Application Server RPAS Server Remote Code Execution	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-2351
17.12.2020	6.3	6.3	Oracle Application Server Websocket erweiterte Rechte	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2020-25096
20.10.2020	3.7	3.6	Oracle Retail Predictive Application Server RPAS Fusion Client Information Disclosure	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-9488

Oracle Application Server Schwachstellen

Zeitverlauf

Vergangenes Jahr

Version

Massnahmen

Ausnutzbarkeit

Zugriffsart

Authentisierung

Benutzeraktivität

C3BM Index

Vergangenes Jahr

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Hersteller

Research

Exploit 0-day

Exploit heute

Exploitmarktvolumen

Vergangenes Jahr

🔴 CTI Aktivitäten

🔒 Login Required

Are you interested in using VulDB?