Oracle Http Server 漏洞

时间轴

去年

版本

12.2.1.4.0	40
12.2.1.3.0	25
11.1.1.7.0	23
12.1.2.0	15
11.1.1.9.0	13

修正

Official Fix	108
Temporary Fix	0
Workaround	1
Unavailable	0
Not Defined	6

易受攻击性

High	4
Functional	0
Proof-of-Concept	25
Unproven	8
Not Defined	78

访问向量

Not Defined	0
Physical	0
Local	10
Adjacent	0
Network	105

身份验证

Not Defined	0
High	1
Low	10
None	104

用户交互

Not Defined	0
Required	19
None	96

C3BM Index

去年

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	8
≤5	10
≤6	44
≤7	10
≤8	23
≤9	4
≤10	16

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	10
≤5	23
≤6	31
≤7	16
≤8	15
≤9	8
≤10	11

VulDB

≤1	0
≤2	0
≤3	0
≤4	9
≤5	9
≤6	44
≤7	11
≤8	23
≤9	3
≤10	16

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	10
≤7	7
≤8	14
≤9	4
≤10	13

CNA

≤1	0
≤2	0
≤3	0
≤4	1
≤5	0
≤6	2
≤7	1
≤8	2
≤9	0
≤10	1

供应商

≤1	0
≤2	0
≤3	0
≤4	1
≤5	0
≤6	6
≤7	2
≤8	4
≤9	1
≤10	1

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	0
<2k	0
<5k	1
<10k	47
<25k	45
<50k	9
<100k	10
≥100k	3

本日攻击

<1k	83
<2k	10
<5k	9
<10k	1
<25k	12
<50k	0
<100k	0
≥100k	0

攻击市场容量

去年

🔴 CTI 活动

Affected Versions (18): 1.3.22, 2.1, 2.2.9, 9.2.0.7, 9.2.0.8, 10.1.3.5, 11.1.1.5, 11.1.1.6, 11.1.1.7, 11.1.1.9, 11.1.2.1, 12.1.2, 12.1.3, 12.2.1.1, 12.2.1.2, 12.2.1.3, 12.2.1.4, 12.2.1.5

Link to Product Website: https://www.oracle.com

软件类型: Web Server

已发布	Base	Temp	漏洞	0day	今天	易	修正	CTI	CVE
2024-01-16	5.3	5.2	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-3817
2024-01-16	9.8	9.6	Oracle HTTP Server Third Party 内存损坏	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.04	CVE-2023-38545
2023-10-17	5.3	5.2	Oracle HTTP Server SSL Module 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2022-37436
2023-10-17	6.5	6.3	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-28484
2023-10-17	6.5	6.2	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-2650
2023-10-17	7.5	7.3	Oracle HTTP Server Web Listener 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-22019
2023-07-18	7.5	7.3	Oracle HTTP Server Thirdparty 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-43680
2023-07-18	9.1	8.9	Oracle HTTP Server SSL Module 弱加密	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.03	CVE-2023-23914
2023-07-18	9.8	9.6	Oracle HTTP Server SSL Module 权限升级	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2023-25690
2023-04-18	7.5	7.3	Oracle HTTP Server SSL Module 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-43551
2023-04-18	7.5	7.3	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-34798
2023-04-18	7.8	7.6	Oracle HTTP Server SSL Module XML External Entity	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-40304
2023-04-18	9.8	9.6	Oracle HTTP Server SSL Module 内存损坏	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2022-37434
2023-01-17	6.5	6.3	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-29824
2023-01-17	7.5	7.3	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-42717
2023-01-17	7.5	7.3	Oracle HTTP Server SSL Module 弱身份验证	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-27782
2023-01-17	7.5	7.3	Oracle HTTP Server Centralized Thirdparty Jars 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2018-25032
2023-01-17	9.8	9.6	Oracle HTTP Server SSL Module 内存损坏	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2022-2274
2023-01-17	9.8	9.6	Oracle HTTP Server SSL Module 弱身份验证	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2022-31813
2023-01-17	9.8	9.6	Oracle HTTP Server Centralized Thirdparty Jars 信息公开	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2022-25236
2022-10-19	5.3	5.2	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-14155
2022-10-19	5.9	5.8	Oracle HTTP Server SSL Module 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2021-3537
2022-10-19	6.5	6.3	Oracle HTTP Server Web Listener 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-24977
2022-10-19	7.1	6.9	Oracle HTTP Server OHS Config MBeans 未知漏洞	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-21593
2022-10-19	9.8	9.6	Oracle HTTP Server SSL Module 内存损坏	$100k 以及更多	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2022-23943

90 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 90 results.

更多条目由 Oracle

◂ 上一步一览下一步 ▸

Interested in the pricing of exploits?

See the underground prices here!