Oracle Http Server Luki w zabezpieczeniach

Oś czasu

Ostatni rok

Wersja

12.2.1.4.041
12.2.1.3.025
11.1.1.7.023
12.1.2.015
11.1.1.9.013

Przeciwdziałanie

Official Fix109
Temporary Fix0
Workaround1
Unavailable0
Not Defined6

Wykorzystywanie

High6
Functional0
Proof-of-Concept24
Unproven8
Not Defined78

Wektor dostępu

Not Defined0
Physical0
Local10
Adjacent0
Network106

Uwierzytelnianie

Not Defined0
High1
Low10
None105

Interakcja z użytkownikiem

Not Defined0
Required19
None97

C3BM Index

Ostatni rok

CVSSv3 Base

≤10
≤20
≤30
≤48
≤510
≤645
≤710
≤823
≤94
≤1016

CVSSv3 Temp

≤10
≤20
≤31
≤410
≤523
≤632
≤716
≤815
≤98
≤1011

VulDB

≤10
≤20
≤30
≤49
≤59
≤645
≤711
≤823
≤93
≤1016

NVD

≤10
≤20
≤30
≤42
≤50
≤610
≤77
≤814
≤94
≤1013

CNA

≤10
≤20
≤30
≤41
≤50
≤63
≤71
≤82
≤90
≤101

Sprzedawca

≤10
≤20
≤30
≤41
≤50
≤66
≤72
≤84
≤91
≤101

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k0
<2k0
<5k1
<10k47
<25k46
<50k9
<100k10
≥100k3

Wykorzystaj dzisiaj

<1k84
<2k11
<5k8
<10k2
<25k10
<50k1
<100k0
≥100k0

Wykorzystaj wielkość rynku

Ostatni rok

🔴 CTI Zajęcia

Affected Versions (18): 1.3.22, 2.1, 2.2.9, 9.2.0.7, 9.2.0.8, 10.1.3.5, 11.1.1.5, 11.1.1.6, 11.1.1.7, 11.1.1.9, 11.1.2.1, 12.1.2, 12.1.3, 12.2.1.1, 12.2.1.2, 12.2.1.3, 12.2.1.4, 12.2.1.5

Link to Product Website: https://www.oracle.com

Typ oprogramowania: Web Server

OpublikowanoBaseTempSłaby punkt0dayDzisiajWykPrzCTICVE
2024-04-175.35.2Oracle HTTP Server Web Listener information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2024-20991
2024-01-165.35.2Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-3817
2024-01-169.89.6Oracle HTTP Server Third Party memory corruption$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2023-38545
2023-10-175.35.2Oracle HTTP Server SSL Module privilege escalation$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2022-37436
2023-10-176.56.3Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-28484
2023-10-176.56.2Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-2650
2023-10-177.57.3Oracle HTTP Server Web Listener information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-22019
2023-07-187.57.3Oracle HTTP Server Thirdparty denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2022-43680
2023-07-189.18.9Oracle HTTP Server SSL Module weak encryption$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2023-23914
2023-07-189.89.6Oracle HTTP Server SSL Module privilege escalation$25k-$100k$25k-$100kNot DefinedOfficial Fix0.02CVE-2023-25690
2023-04-187.57.3Oracle HTTP Server SSL Module information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2022-43551
2023-04-187.57.3Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-34798
2023-04-187.87.6Oracle HTTP Server SSL Module XML External Entity$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-40304
2023-04-189.89.6Oracle HTTP Server SSL Module memory corruption$25k-$100k$5k-$25kNot DefinedOfficial Fix0.00CVE-2022-37434
2023-01-176.56.3Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-29824
2023-01-177.57.3Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-42717
2023-01-177.57.3Oracle HTTP Server SSL Module weak authentication$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-27782
2023-01-177.57.3Oracle HTTP Server Centralized Thirdparty Jars denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2018-25032
2023-01-179.89.6Oracle HTTP Server SSL Module memory corruption$25k-$100k$5k-$25kNot DefinedOfficial Fix0.00CVE-2022-2274
2023-01-179.89.6Oracle HTTP Server SSL Module weak authentication$25k-$100k$5k-$25kNot DefinedOfficial Fix0.00CVE-2022-31813
2023-01-179.89.6Oracle HTTP Server Centralized Thirdparty Jars information disclosure$25k-$100k$5k-$25kNot DefinedOfficial Fix0.02CVE-2022-25236
2022-10-195.35.2Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-14155
2022-10-195.95.8Oracle HTTP Server SSL Module denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2021-3537
2022-10-196.56.3Oracle HTTP Server Web Listener information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-24977
2022-10-197.16.9Oracle HTTP Server OHS Config MBeans nieznana luka$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-21593

91 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 91 results.

więcej wpisów autorstwa Oracle

PoprzedniPrzeglądKolejny

Interested in the pricing of exploits?

See the underground prices here!