Oracle Application Server Vulnerabilities

Timeline (last year)

Version

9.0.4.3: 24
15.0.3: 12
16.0.3: 10
7.1: 9
9.0.2.3: 9

Remediation

Official Fix: 112
Temporary Fix: 0
Workaround: 3
Unavailable: 1
Not Defined: 91

Exploitability

High: 1
Functional: 0
Proof-of-Concept: 91
Unproven: 0
Not Defined: 115

Access Vector

Not Defined: 0
Physical: 0
Local: 30
Adjacent: 0
Network: 177

Authentication

Not Defined: 0
High: 1
Low: 40
None: 166

User Interaction

Not Defined: 0
Required: 32
None: 175

C3BM Index (last year)

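CVSSv3 score distribution (number of entries per score range)

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤3 | 2 | 3 | 2 | 0 | 0 | 0 | 0 |
| ≤4 | 13 | 15 | 13 | 1 | 0 | 0 | 0 |
| ≤5 | 14 | 28 | 14 | 1 | 1 | 0 | 0 |
| ≤6 | 56 | 44 | 56 | 7 | 1 | 3 | 0 |
| ≤7 | 16 | 35 | 15 | 8 | 0 | 1 | 0 |
| ≤8 | 45 | 34 | 45 | 12 | 1 | 5 | 0 |
| ≤9 | 28 | 26 | 27 | 7 | 1 | 6 | 0 |
| ≤10 | 33 | 22 | 35 | 11 | 1 | 10 | 0 |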

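Exploit prices (number of entries per price range)

| Price | Exploit 0-day | Exploit Today |
|---|---|---|
| <1k | 0 | 154 |
| <2k | 0 | 22 |
| <5k | 5 | 14 |
| <10k | 55 | 8 |
| <25k | 75 | 9 |
| <50k | 61 | 0 |
| <100k | 9 | 0 |
| ≥100k | 2 | 0 |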

Exploit Market Volume (last year)

🔴 CTI Activities

Affected Versions (105): 0.9.8, 1, 1.0, 1.0.1, 1.0.2, 1.0.2.0.1, 1.0.2.1s, 1.0.2.2, 1.1.8.26, 2, 2.0.0.1, 2.0.0.2, 2.1, 2.1.1, 3, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.1, 3.1.1, 3.1.2, 4.0, 4.0.8, 4.0.8.2, 5.1, 5.6.2, 6.0, 6.0.8.26 Ps17, 6.0.8.26(ps17), 6.1, 6.2, 7, 7.0, 7.0.4.3, 7.0.4.4, 7.1, 7.4.9, 8, 8.0, 8.1, 8.1.7, 8.1.9, 8.2, 8.3, 9, 9.0, 9.0.0.4, 9.0.1, 9.0.2, 9.0.2.0.1, 9.0.2.3, 9.0.3, 9.0.3.1, 9.0.4, 9.0.4.1, 9.0.4.2, 9.0.4.3, 9.2.0.1, 9.2.0.6, 9.2.1, 10.1.0.4.2, 10.1.0.5, 10.1.2, 10.1.2.0.1, 10.1.2.0.2, 10.1.2.2, 10.1.2.3, 10.1.3, 10.1.3.1, 10.1.3.2, 10.1.3.3, 10.1.3.4, 10.1.3.4.1, 10.1.4.1, 10g, 12.1.3, 13.1, 13.2, 13.3, 13.3.3, 13.4, 13.4.3, 14.0, 14.0.3, 14.0.3.26, 14.1, 14.1.3, 14.1.3.37, 14.1.3.46, 14.1.3.47, 15.0, 15.0.2, 15.0.3, 15.0.3.1, 15.0.3.115, 15.0.3.116, 16, 16.0, 16.0.3, 16.0.3.24, 16.0.3.26

Link to Product Website: https://www.oracle.com

Software Type: Application Server Software

| Published | Base | Temp | Vulnerability | 0day | Today | Exploitability | Remediation | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 2023-07-18 | 6.5 | 6.3 | Oracle Retail Predictive Application Server RPAS Server denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-20863 |
| 2023-07-18 | 7.0 | 6.9 | Oracle Communications Converged Application Server - Service Controller Third Party denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-1436 |
| 2023-04-18 | 9.8 | 9.6 | Oracle Retail Predictive Application Server RPAS Server memory corruption | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.02 | CVE-2022-37434 |
| 2023-04-18 | 8.1 | 8.0 | Oracle Retail Predictive Application Server RPAS Server weak encryption | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2020-35168 |
| 2023-01-17 | 9.8 | 9.6 | Oracle Communications Converged Application Server Core Remote Code Execution | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2023-21890 |
| 2022-10-19 | 6.5 | 6.3 | Oracle Retail Predictive Application Server RPAS Server denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2022-22971 |
| 2022-10-19 | 7.5 | 7.3 | Oracle Communications Evolved Communications Application Server Platform denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-36518 |
| 2022-10-19 | 7.5 | 7.3 | Oracle Communications Converged Application Server-Service Controller Platform denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-28165 |
| 2022-04-19 | 6.6 | 6.4 | Oracle Communications Evolved Communications Application Server SDC/SCF privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-44832 |
| 2021-10-19 | 5.5 | 5.4 | Oracle Retail Predictive Application Server Apache Ant denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-36374 |
| 2021-10-19 | 7.8 | 7.6 | Oracle Retail Predictive Application Server Spring Framework privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-22118 |
| 2021-10-19 | 5.3 | 5.2 | Oracle Communications Converged Application Server - Service Controller Apache Commons IO information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-29425 |
| 2021-07-20 | 5.5 | 5.3 | Oracle Communications Evolved Communications Application Server Apache Groovy information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-17521 |
| 2021-07-20 | 7.3 | 7.0 | Oracle Communications Evolved Communications Application Server Apache Commons BeanUtils privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2019-10086 |
| 2021-07-20 | 7.5 | 7.2 | Oracle Communications Evolved Communications Application Server jackson-databind XML External Entity | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-25649 |
| 2021-04-21 | 6.5 | 6.2 | Oracle Retail Predictive Application Server RPAS Server information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2019-3740 |
| 2021-04-21 | 7.3 | 7.0 | Oracle Retail Predictive Application Server RPAS Fusion Client privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2019-10086 |
| 2021-04-21 | 7.5 | 7.2 | Oracle Retail Predictive Application Server RPAS Fusion Client unknown vulnerability | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-11979 |
| 2021-04-21 | 7.7 | 7.3 | Oracle Retail Predictive Application Server RPAS Fusion Client Privilege Escalation | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-5421 |
| 2021-04-21 | 7.5 | 7.2 | Oracle Application Server OpenSSL denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-1967 |
| 2021-04-21 | 4.8 | 4.6 | Oracle Communications Converged Application Server SC Admin server unknown vulnerability | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27218 |
| 2021-01-19 | 5.9 | 5.8 | Oracle Retail Predictive Application Server RPAS Server denial of service | $5k-$25k | Calculating | Not Defined | Official Fix | 0.00 | CVE-2021-45105 |
| 2021-01-19 | 8.3 | 8.1 | Oracle Retail Predictive Application Server RPAS Server Remote Code Execution | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-2351 |
| 2020-12-17 | 6.3 | 6.3 | Oracle Application Server Websocket privilege escalation | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2020-25096 |
| 2020-10-20 | 3.7 | 3.6 | Oracle Retail Predictive Application Server RPAS Fusion Client information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-9488 |

182 more entries are not shown
