Oracle Application Session Controller Vulnerabilidad

Cronología

Versión

3.9m0p14
3.9m0p24
3.04
3.14
3.24

Contramedidas

Official Fix22
Temporary Fix0
Workaround0
Unavailable0
Not Defined0

Explotabilidad

High0
Functional0
Proof-of-Concept2
Unproven0
Not Defined20

Vector de acceso

Not Defined0
Physical0
Local2
Adjacent0
Network20

Autenticación

Not Defined0
High0
Low4
None18

La interacción del usuario

Not Defined0
Required2
None20

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤42
≤50
≤62
≤74
≤88
≤90
≤106

CVSSv3 Temp

≤10
≤20
≤30
≤42
≤50
≤64
≤72
≤88
≤94
≤102

VulDB

≤10
≤20
≤30
≤42
≤50
≤64
≤72
≤88
≤92
≤104

NVD

≤10
≤20
≤30
≤42
≤50
≤62
≤74
≤84
≤92
≤106

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Proveedor

≤10
≤20
≤30
≤40
≤50
≤62
≤70
≤82
≤92
≤102

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k0
<2k0
<5k0
<10k4
<25k14
<50k2
<100k2
≥100k0

Explotar hoy

<1k14
<2k4
<5k2
<10k2
<25k0
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

Affected Versions (15): 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.7.1, 3.8, 3.8m0, 3.9, 3.9m0p1, 3.9m0p2, 3.9m0p3

Link to Product Website: https://www.oracle.com

Tipo de software: Cloud Software

Fecha de publicaciónBaseTempVulnerabilidad0dayHoyExpConCTICVE
2021-10-195.35.2Oracle Communications Application Session Controller Apache Commons IO divulgación de información$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-29425
2021-10-198.38.1Oracle Communications Application Session Controller JDBC Remote Code Execution$25k-$100k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-2351
2021-07-207.57.2Oracle Communications Application Session Controller dojo escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-5258
2021-04-216.76.4Oracle Communications Application Session Controller Security escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-11987
2021-04-219.08.6Oracle Communications Application Session Controller Bouncy Castle Java Library Remote Code Execution$100k y más$5k-$25kNot DefinedOfficial Fix0.00CVE-2020-28052
2021-01-207.57.2Oracle Communications Application Session Controller Apache Batik escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-17566
2021-01-207.47.1Oracle Communications Application Session Controller Eclipse Jetty Local Privilege Escalation$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-27216
2020-10-203.73.6Oracle Communications Application Session Controller WS/WEB divulgación de información$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-9488
2020-10-206.15.8Oracle Communications Application Session Controller cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-11022
2020-10-209.49.0Oracle Communications Application Session Controller WS/WEB escalada de privilegios$25k-$100k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-17638

11 no se muestran más entradas

más entradas por Oracle

Might our Artificial Intelligence support you?

Check our Alexa App!