Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CVE# Product Component Protocol Remote
- Exploit
- without
- Auth.? CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Supported Versions Affected Notes
- Base
- Score Attack
- Vector Attack
- Complex Privs
- Req'd User
- Interact Scope Confid-
- entiality Inte-
- grity Avail-
- ability
- CVE-2017-10352 Oracle WebLogic Server WLS - Web Services HTTP Yes 9.9 Network Low None None Changed Low Low High 12.2.1.3.0
- CVE-2017-5461 Oracle Directory Server Enterprise Edition Admin Console (Sun Security Libraries) HTTP Yes 9.8 Network Low None None Un-
- changed High High High 11.1.1.7.0
- CVE-2017-5461 Oracle iPlanet Web Server Security (NSS) Multiple Yes 9.8 Network Low None None Un-
- changed High High High 7.0
- CVE-2017-5645 Oracle WebLogic Server Sample apps (Apache Log4j) TCP/UDP Yes 9.8 Network Low None None Un-
- changed High High High 10.3.6.0.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2016-0635 Oracle Identity Manager Security HTTP No 8.8 Network Low Low None Un-
- changed High High High 11.1.2.3.0
- CVE-2015-7501 Oracle Identity Manager Connector CA ACF2 (Apache Commons Collections) HTTP No 8.8 Network Low Low None Un-
- changed High High High 9.0.4.20.6, 9.0.4.21.0, 9.0.4.25.4
- CVE-2015-7501 Oracle Identity Manager Security (Apache Commons Collections) HTTP Yes 8.6 Network Low None None Un-
- changed High Low Low 11.1.2.3.0
- CVE-2017-10068 Oracle Business Intelligence Enterprise Edition Analytics Web Dashboards HTTP Yes 8.2 Network Low None Required Changed High Low None 12.2.1.3.0
- CVE-2018-2711 Oracle JDeveloper Security Framework HTTP Yes 8.2 Network Low None Required Changed High Low None 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 12.1.3.0.0
- CVE-2016-2107 Oracle Mobile Security Suite Internal Development (OpenSSL) HTTPS Yes 8.2 Network Low None None Un-
- changed Low None High 3.0.1
- CVE-2018-2564 Oracle WebCenter Content Content Server HTTP Yes 8.2 Network Low None Required Changed Low High None 11.1.1.9.0
- CVE-2018-2596 Oracle WebCenter Content Content Server HTTP Yes 8.2 Network Low None Required Changed Low High None 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2016-1182 Oracle WebCenter Portal Security Framework (Apache Struts 1) HTTP Yes 8.2 Network Low None None Un-
- changed None Low High 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2018-2713 Oracle WebCenter Portal WebCenter Spaces Application HTTP Yes 8.2 Network Low None Required Changed Low High None 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2017-12617 Oracle Endeca Information Discovery Integrator Other Issues (Apache Tomcat) HTTP Yes 8.1 Network High None None Un-
- changed High High High 3.1.0, 3.2.0
- CVE-2017-12617 Oracle Tuxedo System and Applications Monitor tsam-General (Apache Tomcat) HTTP Yes 8.1 Network High None None Un-
- changed High High High 12.1.3.0.0
- CVE-2018-2601 Oracle Internet Directory Oracle Directory Services Manager HTTP No 8.0 Network High High None Changed High High High 11.1.1.7.0, 11.1.1.9.0, 12.2.1.3.0
- CVE-2017-9798 Oracle HTTP Server Web Listener HTTP Yes 7.5 Network Low None None Un-
- changed High None None 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2015-7940 Oracle WebCenter Portal Security Framework (Bouncy Castle Java package) HTTP Yes 7.5 Network Low None None Un-
- changed High None None 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2018-2715 Oracle Business Intelligence Enterprise Edition BI Platform Security HTTP No 6.5 Network Low Low None Un-
- changed High None None 12.2.1.2.0, 12.2.1.3.0
- CVE-2017-10262 Oracle Access Manager Web Server Plugin HTTPS Yes 5.9 Network High None None Un-
- changed High None None 11.1.2.3.0
- CVE-2017-3732 Oracle Access Manager Web Server Plugin (OpenSSL) HTTPS Yes 5.9 Network High None None Un-
- changed High None None 10.1.4.3.0
- CVE-2016-2179 Oracle Business Intelligence Enterprise Edition Analytics Server (OpenSSL) HTTPS Yes 5.3 Network Low None None Un-
- changed None None Low 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2018-2561 Oracle HTTP Server Web Listener HTTP Yes 5.3 Network Low None None Un-
- changed None None Low 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0
- CVE-2018-2625 Oracle WebLogic Server Web Services HTTP Yes 5.3 Network Low None None Un-
- changed Low None None 12.1.3.0.0, 12.2.1.3.0, 12.2.1.2.0
- CVE-2017-10273 Oracle JDeveloper Deployment None No 4.7 Local High High Required Changed Low Low Low 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0
- CVE-2018-2584 Oracle WebCenter Sites Advanced UI HTTP No 4.3 Network Low Low None Un-
- changed Low None None 11.1.1.8.0
- Additional CVEs addressed are below:
- The fix for CVE-2015-7501 also addresses CVE-2015-4852.
- The fix for CVE-2016-1182 also addresses CVE-2014-0114 and CVE-2016-1181.
- The fix for CVE-2016-2107 also addresses CVE-2016-2105, CVE-2016-2106 and CVE-2016-2109.
- The fix for CVE-2016-2179 also addresses CVE-2016-2107.
- The fix for CVE-2016-6304 also addresses CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-6309 and CVE-2016-7052.
- The fix for CVE-2017-3732 also addresses CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-6309, CVE-2016-7052, CVE-2016-7055, CVE-2017-3730, CVE-2017-3731 and CVE-2017-3733.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement