Oracle Commerce 漏洞

时间轴

去年

版本

11.3.2	70
11.3.0	22
11.3.1	19
11.1	11
11.2	9

修正

Official Fix	105
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	2

易受攻击性

High	3
Functional	0
Proof-of-Concept	2
Unproven	0
Not Defined	102

访问向量

Not Defined	0
Physical	0
Local	4
Adjacent	0
Network	103

身份验证

Not Defined	0
High	2
Low	17
None	88

用户交互

Not Defined	0
Required	28
None	79

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	3
≤5	5
≤6	16
≤7	22
≤8	36
≤9	12
≤10	13

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	3
≤5	5
≤6	24
≤7	16
≤8	40
≤9	6
≤10	13

VulDB

≤1	0
≤2	0
≤3	0
≤4	3
≤5	4
≤6	17
≤7	21
≤8	36
≤9	13
≤10	13

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	3
≤6	9
≤7	16
≤8	29
≤9	10
≤10	12

CNA

≤1	0
≤2	0
≤3	0
≤4	2
≤5	1
≤6	4
≤7	6
≤8	5
≤9	4
≤10	1

供应商

≤1	0
≤2	0
≤3	0
≤4	1
≤5	2
≤6	4
≤7	5
≤8	5
≤9	2
≤10	3

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	0
<2k	0
<5k	4
<10k	25
<25k	59
<50k	7
<100k	10
≥100k	2

本日攻击

<1k	53
<2k	21
<5k	17
<10k	3
<25k	13
<50k	0
<100k	0
≥100k	0

Affected Versions (41): 3.0, 3.0.2, 3.1.1, 3.1.2, 4.0, 5.0, 5.1, 5.2, 5.3, 6, 6.0, 6.0.1, 6.1, 6.1.4, 6.2.2, 6.3, 6.4.1.2, 6.5, 6.5.1, 6.5.2, 9.4, 10.0, 10.0.3.5, 10.2, 10.2.0.5, 11, 11.0, 11.1, 11.1,0, 11.2, 11.2.0.1, 11.2.0.2, 11.2.0.3, 11.3, 11.3.1, 11.3.1.5, 11.3.2, 15.0, 15.1, 16.0, 16.0.1

Link to Product Website: https://www.oracle.com

已发布	Base	Temp	漏洞	0day	今天	易	修正	CTI	CVE
2024-04-17	4.8	4.7	Oracle Commerce Platform Remote Code Execution	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2024-21100
2024-01-16	3.3	3.2	Oracle Commerce Guided Search Workbench 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-33879
2024-01-16	7.2	7.1	Oracle Commerce Platform Endeca Integration 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07	CVE-2022-40152
2024-01-16	7.5	7.2	Oracle Commerce Guided Search Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	CVE-2023-44487
2024-01-16	7.5	7.3	Oracle Commerce Guided Search Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-5072
2024-01-16	7.5	7.3	Oracle Commerce Guided Search Content Acquisition System 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-46589
2023-10-17	5.9	5.8	Oracle Commerce Guided Search Content Acquisition System 未知漏洞	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2023-22043
2023-10-17	6.1	5.9	Oracle Commerce Guided Search Workbench 未知漏洞	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2023-22029
2023-10-17	6.5	6.3	Oracle Commerce Guided Search Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-20863
2023-10-17	6.5	6.2	Oracle Commerce Guided Search Content Acquisition System 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-37533
2023-10-17	7.5	7.3	Oracle Commerce Guided Search Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-28709
2023-10-17	7.7	7.6	Oracle Commerce Guided Search Endeca Application Controller 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-41966
2023-07-18	5.6	5.5	Oracle Commerce Platform WebUI 跨网站脚本	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-28439
2023-07-18	6.2	6.1	Oracle Commerce Guided Search Experience Manager 跨网站脚本	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41184
2023-07-18	6.5	6.3	Oracle Commerce Guided Search Endeca Application Controller 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-23437
2023-07-18	7.3	7.1	Oracle Commerce Guided Search Experience Manager/Platform Services 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2019-10086
2023-07-18	7.5	7.3	Oracle Commerce Platform 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-24998
2023-07-18	6.8	6.7	Oracle Commerce Guided Search Experience Manager 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-41881
2023-07-18	7.5	7.2	Oracle Commerce Guided Search Endeca Application Controller 未知漏洞	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2022-45143
2023-07-18	7.5	7.3	Oracle Commerce Guided Search Endeca Application Controller 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-40690
2023-04-18	6.5	6.3	Oracle Commerce Guided Search Content Acquisition System/Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-23437
2023-04-18	7.2	7.1	Oracle Commerce Guided Search Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-24729
2023-04-18	7.5	7.2	Oracle Commerce Guided Search Content Acquisition System/Workbench 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-42003
2023-04-18	7.5	7.3	Oracle Commerce Guided Search Content Acquisition System/Workbench 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-45143
2023-04-18	7.2	7.1	Oracle Commerce Guided Search Content Acquisition System 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-40152

82 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 82 results.

更多条目由 Oracle

◂ 上一步一览下一步 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!