English
EN
Français
FR
Language
English
EN
Français
FR

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

DNA View

Critical Severity Vulnerability

This vulnerability has been rated as Critical severity. Immediate action is recommended.

CVE-2017-5645

Critical
Low Medium High Critical
9.8
CVSS Score
Published: Apr 17, 2017
Last Modified: Apr 20, 2025
CWE: CWE-502

Vulnerability Description

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H

Known Affected Software

189 configuration(s) from 4 vendor(s)

log4j
Version:
2.3
CPE:
cpe:2.3:a:apache:log4j:2.3:*:*:*:*:*:*:*
log4j
Version:
2.8.1
CPE:
cpe:2.3:a:apache:log4j:2.8.1:-:*:*:*:*:*:*
log4j
Version:
2.8
CPE:
cpe:2.3:a:apache:log4j:2.8:-:*:*:*:*:*:*
log4j
Version:
2.0.1
CPE:
cpe:2.3:a:apache:log4j:2.0.1:*:*:*:*:*:*:*
log4j
Version:
2.1
CPE:
cpe:2.3:a:apache:log4j:2.1:-:*:*:*:*:*:*
log4j
Version:
2.7
CPE:
cpe:2.3:a:apache:log4j:2.7:-:*:*:*:*:*:*
log4j
Version:
2.0
CPE:
cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*
log4j
Version:
2.4.0
CPE:
cpe:2.3:a:apache:log4j:2.4.0:*:*:*:*:*:*:*
log4j
Version:
2.6.2
CPE:
cpe:2.3:a:apache:log4j:2.6.2:-:*:*:*:*:*:*
log4j
Version:
2.6
CPE:
cpe:2.3:a:apache:log4j:2.6:-:*:*:*:*:*:*
log4j
Version:
2.2
CPE:
cpe:2.3:a:apache:log4j:2.2:*:*:*:*:*:*:*
log4j
Version:
2.0.2
CPE:
cpe:2.3:a:apache:log4j:2.0.2:*:*:*:*:*:*:*
log4j
Version:
2.4.1
CPE:
cpe:2.3:a:apache:log4j:2.4.1:*:*:*:*:*:*:*
log4j
Version:
2.5
CPE:
cpe:2.3:a:apache:log4j:2.5:-:*:*:*:*:*:*
log4j
Version:
2.3.2
CPE:
cpe:2.3:a:apache:log4j:2.3.2:rc1:*:*:*:*:*:*
log4j
Version:
2.6.1
CPE:
cpe:2.3:a:apache:log4j:2.6.1:-:*:*:*:*:*:*
log4j
Version:
2.3.1
CPE:
cpe:2.3:a:apache:log4j:2.3.1:rc1:*:*:*:*:*:*
oncommand_api_services
Version:
-
CPE:
cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*
oncommand_workflow_automation
Version:
-
CPE:
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
snapcenter
Version:
-
CPE:
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
service_level_manager
Version:
-
CPE:
cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*
oncommand_insight
Version:
-
CPE:
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
storage_automation_store
Version:
-
CPE:
cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
identity_analytics
Version:
11.1.1.5.8
CPE:
cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*
insurance_calculation_engine
Version:
10.2.1
CPE:
cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*
insurance_rules_palette
Version:
11.1
CPE:
cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*
policy_automation
Version:
12.2.10
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*
retail_advanced_inventory_planning
Version:
15.0
CPE:
cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*
autovue_vuelink_integration
Version:
21.0.0
CPE:
cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*
endeca_information_discovery_studio
Version:
3.2.0
CPE:
cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*
fusion_middleware_mapviewer
Version:
12.2.1.2
CPE:
cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*
financial_services_loan_loss_forecasting_and_provisioning
Version:
8.0.5
CPE:
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*
retail_integration_bus
Version:
14.1.0
CPE:
cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*
siebel_ui_framework
Version:
18.9
CPE:
cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*
api_gateway
Version:
11.1.2.4.0
CPE:
cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
enterprise_manager_for_oracle_database
Version:
13.2.2
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*
retail_advanced_inventory_planning
Version:
14.0
CPE:
cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
10.4.7
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*
communications_webrtc_session_controller
Version:
7.1
CPE:
cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*
soa_suite
Version:
12.2.1.3.0
CPE:
cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
soa_suite
Version:
12.2.2.0.0
CPE:
cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*
jdeveloper
Version:
12.1.3.0.0
CPE:
cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*
insurance_rules_palette
Version:
10.0
CPE:
cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.1.0
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*
bi_publisher
Version:
11.1.1.7.0
CPE:
cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*
retail_extract_transform_and_load
Version:
19.0
CPE:
cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*
enterprise_manager_for_mysql_database
Version:
12.1.0.2.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.2.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.3
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*
enterprise_manager_for_mysql_database
Version:
13.2.2.0.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0:*:*:*:*:*:*:*
utilities_work_and_asset_management
Version:
1.9.1.2.12
CPE:
cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*
banking_platform
Version:
2.6.1
CPE:
cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
communications_instant_messaging_server
Version:
10.0.1.3.0
CPE:
cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*
fusion_middleware_mapviewer
Version:
12.2.1.3
CPE:
cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*
flexcube_investor_servicing
Version:
12.1.0
CPE:
cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.1
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*
retail_predictive_application_server
Version:
15.0.3
CPE:
cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*
configuration_manager
Version:
12.1.2.0.2
CPE:
cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*
policy_automation
Version:
10.4.7
CPE:
cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*
communications_converged_application_server_-_service_controller
Version:
6.1
CPE:
cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.1.1
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*
policy_automation
Version:
12.1.1
CPE:
cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.4
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*
enterprise_manager_base_platform
Version:
12.1.0.5
CPE:
cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*
tape_library_acsls
Version:
8.4
CPE:
cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*
financial_services_hedge_management_and_ifrs_valuations
Version:
8.0.5
CPE:
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*
jd_edwards_enterpriseone_tools
Version:
9.2
CPE:
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
policy_automation
Version:
12.2.7
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*
in-memory_performance-driven_planning
Version:
12.2
CPE:
cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*
retail_integration_bus
Version:
14.0.0
CPE:
cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*
siebel_ui_framework
Version:
18.7
CPE:
cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*
autovue_vuelink_integration
Version:
21.0.1
CPE:
cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*
financial_services_regulatory_reporting_with_agilereporter
Version:
8.0.9.2.0
CPE:
cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*
policy_automation
Version:
12.2.1
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*
siebel_ui_framework
Version:
18.8
CPE:
cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.6
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*
retail_service_backbone
Version:
16.0
CPE:
cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*
financial_services_behavior_detection_platform
Version:
6.1.1
CPE:
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*
enterprise_manager_for_peoplesoft
Version:
13.1.1.1
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.7
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*
rapid_planning
Version:
12.1
CPE:
cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*
policy_automation
Version:
12.2.2
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*
enterprise_manager_for_mysql_database
Version:
13.2.1.0.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2.1.0.0:*:*:*:*:*:*:*
primavera_gateway
Version:
16.2
CPE:
cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*
retail_open_commerce_platform
Version:
6.0.0
CPE:
cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*
primavera_gateway
Version:
16.2.11
CPE:
cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*
application_testing_suite
Version:
13.3.0.1
CPE:
cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
timesten_in-memory_database
Version:
11.2.2.8.49
CPE:
cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*
enterprise_manager_for_mysql_database
Version:
12.1.0.3.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.3.0:*:*:*:*:*:*:*
insurance_rules_palette
Version:
10.2
CPE:
cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*
communications_webrtc_session_controller
Version:
7.0
CPE:
cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*
identity_management_suite
Version:
12.2.1.3.0
CPE:
cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
enterprise_manager_base_platform
Version:
13.2.0.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*
policy_automation
Version:
12.2.8
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*
policy_automation
Version:
12.2.3
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*
flexcube_investor_servicing
Version:
12.4.0
CPE:
cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*
flexcube_investor_servicing
Version:
12.3.0
CPE:
cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*
retail_open_commerce_platform
Version:
6.0.1
CPE:
cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*
bi_publisher
Version:
12.2.1.3.0
CPE:
cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
in-memory_performance-driven_planning
Version:
12.1
CPE:
cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*
financial_services_lending_and_leasing
Version:
12.5.0
CPE:
cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.8
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*
communications_pricing_design_center
Version:
12.0
CPE:
cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*
retail_integration_bus
Version:
16.0
CPE:
cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*
insurance_rules_palette
Version:
10.1
CPE:
cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*
goldengate
Version:
12.3.2.1.1
CPE:
cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*
enterprise_data_quality
Version:
12.2.1.3.0
CPE:
cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*
weblogic_server
Version:
10.3.6.0.0
CPE:
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
policy_automation
Version:
12.2.6
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*
retail_open_commerce_platform
Version:
5.3.0
CPE:
cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*
policy_automation_connector_for_siebel
Version:
10.4.6
CPE:
cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
identity_management_suite
Version:
11.1.2.3.0
CPE:
cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*
policy_automation
Version:
12.2.0
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*
peoplesoft_enterprise_fin_install
Version:
9.2
CPE:
cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*
bi_publisher
Version:
12.2.1.4.0
CPE:
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
retail_service_backbone
Version:
15.0
CPE:
cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*
insurance_calculation_engine
Version:
10.1.1
CPE:
cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*
enterprise_manager_for_fusion_middleware
Version:
13.2.0.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*
insurance_policy_administration
Version:
10.2
CPE:
cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*
retail_integration_bus
Version:
15.0
CPE:
cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.0
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*
retail_service_backbone
Version:
14.1
CPE:
cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*
primavera_gateway
Version:
17.12.7
CPE:
cpe:2.3:a:oracle:primavera_gateway:17.12.7:*:*:*:*:*:*:*
utilities_advanced_spatial_and_operational_analytics
Version:
2.7.0.1
CPE:
cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*
bi_publisher
Version:
11.1.1.9.0
CPE:
cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*
primavera_gateway
Version:
17.12.0
CPE:
cpe:2.3:a:oracle:primavera_gateway:17.12.0:*:*:*:*:*:*:*
flexcube_investor_servicing
Version:
14.0.0
CPE:
cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*
financial_services_hedge_management_and_ifrs_valuations
Version:
8.0.4
CPE:
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*
enterprise_manager_for_oracle_database
Version:
12.1.0.8
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*
banking_platform
Version:
2.6.2
CPE:
cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
policy_automation
Version:
12.2.4
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*
retail_extract_transform_and_load
Version:
13.2
CPE:
cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*
policy_automation
Version:
12.2.9
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*
weblogic_server
Version:
12.2.1.4.0
CPE:
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
soa_suite
Version:
12.1.3.0.0
CPE:
cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
retail_extract_transform_and_load
Version:
13.0
CPE:
cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*
jdeveloper
Version:
12.2.1.3.0
CPE:
cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
weblogic_server
Version:
14.1.1.0.0
CPE:
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
retail_extract_transform_and_load
Version:
13.1
CPE:
cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*
enterprise_manager_for_fusion_middleware
Version:
12.1.0.5
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*
insurance_rules_palette
Version:
11.0
CPE:
cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*
communications_service_broker
Version:
6.0
CPE:
cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*
policy_automation
Version:
12.1.0
CPE:
cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*
jd_edwards_enterpriseone_tools
Version:
4.0.1.0
CPE:
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*
financial_services_profitability_management
Version:
6.1.1
CPE:
cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.5
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*
retail_clearance_optimization_engine
Version:
14.0.5
CPE:
cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*
enterprise_manager_for_mysql_database
Version:
12.1.0.4.0
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.2
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*
flexcube_investor_servicing
Version:
12.0.4
CPE:
cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*
identity_manager_connector
Version:
9.0
CPE:
cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*
insurance_policy_administration
Version:
11.0
CPE:
cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*
enterprise_manager_for_peoplesoft
Version:
13.2.1.1
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*
weblogic_server
Version:
12.1.3.0.0
CPE:
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
communications_online_mediation_controller
Version:
6.1
CPE:
cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*
enterprise_manager_for_mysql_database
Version:
13.2
CPE:
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2:*:*:*:*:*:*:*
insurance_policy_administration
Version:
10.0
CPE:
cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*
insurance_policy_administration
Version:
10.1
CPE:
cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*
rapid_planning
Version:
12.2
CPE:
cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*
primavera_gateway
Version:
16.2.0
CPE:
cpe:2.3:a:oracle:primavera_gateway:16.2.0:*:*:*:*:*:*:*
policy_automation
Version:
12.2.5
CPE:
cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*
communications_pricing_design_center
Version:
11.1
CPE:
cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.9
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*
primavera_gateway
Version:
17.12.6
CPE:
cpe:2.3:a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*
configuration_manager
Version:
12.1.2.0.5
CPE:
cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*
policy_automation_for_mobile_devices
Version:
12.2.10
CPE:
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*
jdeveloper
Version:
11.1.1.9.0
CPE:
cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
banking_platform
Version:
2.6.0
CPE:
cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
weblogic_server
Version:
12.2.1.3.0
CPE:
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
primavera_gateway
Version:
17.12
CPE:
cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*
financial_services_loan_loss_forecasting_and_provisioning
Version:
8.0.4
CPE:
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*
goldengate_application_adapters
Version:
12.3.2.1.1
CPE:
cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*
fuse
Version:
1.0
CPE:
cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*
enterprise_linux
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:intel64:*
enterprise_linux
Version:
7.3
CPE:
cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
enterprise_linux_server_eus
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
enterprise_linux_workstation
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:x64:*
enterprise_linux_server_tus
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
enterprise_linux_server_eus
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
enterprise_linux
Version:
6.7
CPE:
cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*
enterprise_linux_server_aus
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
enterprise_linux
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
enterprise_linux_server_tus
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
enterprise_linux
Version:
7.5
CPE:
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
enterprise_linux_server
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:x64:*
enterprise_linux
Version:
6.0
CPE:
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:intel64:*
enterprise_linux
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
enterprise_linux_server_aus
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
enterprise_linux_desktop
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:x64:*
enterprise_linux_server_eus
Version:
7.5
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
This vulnerability affects 189 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

9.8
out of 10.0
Critical

Weakness Type (CWE)

CWE-502 Top 25 #15

Deserialization of Untrusted Data

Description
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Exploit Likelihood
Medium
Typical Severity
Medium
OWASP Top 10
A08:2021-Software/Data Integrity Failures
Abstraction Level
Base
View CWE Details on MITRE

Key Information

Published Date
April 17, 2017

External Resources

NIST
NIST NVD
National Vulnerability Database
MT
MITRE CVE
Official CVE record