CVE-2015-3253 Oracle Communications BRM - Elastic Charging Engine Security (Ap

1. CVE-2015-3253 Oracle Communications BRM - Elastic Charging Engine Security (Apache Groovy) HTTP Yes 9.8 Network Low None None Un-
2. changed High High High 7.5
3. CVE-2017-5645 Oracle Communications BRM - Elastic Charging Engine Security (Apache Log4j) HTTP Yes 9.8 Network Low None None Un-
4. changed High High High 7.5
5. CVE-2017-5645 Oracle Communications Convergent Charging Controller Notifications Gateway (Apache Log4j) TCP Yes 9.8 Network Low None None Un-
6. changed High High High 6.0
7. CVE-2017-5645 Oracle Communications Network Charging and Control Notifications Gateway (Apache Log4j) TCP Yes 9.8 Network Low None None Un-
8. changed High High High 6.0
9. CVE-2017-5645 Oracle Communications Services Gatekeeper Security (Apache Log4j) HTTP Yes 9.8 Network Low None None Un-
10. changed High High High 5.1, 6.0
11. CVE-2016-5385 Oracle Communications User Data Repository Security (PM&C) Multiple Yes 8.1 Network High None None Un-
12. changed High High High 10.x, 12.x
13. CVE-2018-2570 Oracle Communications Unified Inventory Management Portal HTTP No 6.3 Network Low Low None Un-
14. changed Low Low Low 7.2.4.2.x, 7.3
15. CVE-2018-2567 Oracle Communications Order and Service Management Portal HTTP Yes 6.1 Network Low None Required Changed Low Low None 7.2.4.1.x, 7.2.4.2.x, 7.3.0.x.x, 7.3.0.1.x
16. CVE-2013-2566 Oracle Communications Application Session Controller Security TLS Yes 5.9 Network High None None Un-
17. changed High None None 3.x
18. CVE-2018-2571 Oracle Communications Unified Inventory Management Portal HTTP No 5.4 Network Low Low None Un-
19. changed Low Low None 7.2.4.2.x, 7.3
20.  
21.  
22. Additional CVEs addressed are below:
23.  
24. The fix for CVE-2013-2566 also addresses CVE-2015-2808.
25. The fix for CVE-2015-3253 also addresses CVE-2016-6814.
26. The fix for CVE-2016-5385 also addresses CVE-2016-2518, CVE-2016-2550, CVE-2016-4449, CVE-2016-5387 and CVE-2016-7977.