CVE-2019-17573

🗓️ 16 Jan 2020 17:50:42Reported by apacheType

Apache CXF /services page XSS vulnerabilit

Reporter	Title	Published	Views	Family All 76
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM WebSphere Liberty affects IBM Waston Machine Learning Accelerator	18 Jan 202107:09	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud	16 Jun 202013:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities	7 Oct 202020:49	–	ibm
IBM Security Bulletins	Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability	1 Jul 202001:42	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Websphere Liberty affects IBM LKS Administration and Reporting Tool and Agent	14 Apr 202005:16	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Plus	31 Aug 202019:36	–	ibm
IBM Security Bulletins	Security Bulletin: Speech to Text, Text to Speech ICP, WebSphere Application Server Liberty Fix	12 Jan 202321:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Websphere Liberty server (WLP) affects IBM Cloud Application Business Insights	22 Dec 202006:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect BM Spectrum Control (CVE-2019-17573, CVE-2019-12406)	23 Mar 202222:07	–	ibm
IBM Security Bulletins	WebSphere Application Server and IBM HTTP Server Security Bulletin List	13 Jul 202218:04	–	ibm

NVD

Vulners

Node

apache cxfRange3.2.0–3.2.12

apache cxfRange3.3.0–3.3.5

Node

oracle commerce_guided_searchMatch11.3.2

oracle communications_element_managerMatch8.1.1

oracle communications_element_managerMatch8.2.0

oracle communications_element_managerMatch8.2.1

oracle communications_session_report_managerMatch8.1.1

oracle communications_session_report_managerMatch8.2.0

oracle communications_session_report_managerMatch8.2.1

oracle communications_session_route_managerMatch8.1.1

oracle communications_session_route_managerMatch8.2.0

oracle communications_session_route_managerMatch8.2.1

oracle flexcube_private_bankingMatch12.0.0

oracle flexcube_private_bankingMatch12.1.0

oracle retail_order_brokerMatch15.0

[
  {
    "product": "CXF",
    "vendor": "Apache",
    "versions": [
      {
        "status": "affected",
        "version": "All versions of Apache CXF prior to 3.3.5 and 3.2.12."
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec%40%3Cdev.cxf.apache.org%3E
lists	www.lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
lists	www.lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
lists	www.lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec%40%3Cannounce.apache.org%3E
oracle	www.oracle.com/security-alerts/cpuApr2021.html
lists	www.lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
lists	www.lists.apache.org/thread.html/r81a41a2915985d49bc3ea57dde2018b03584a863878a8532a89f993f%40%3Cusers.cxf.apache.org%3E
openwall	www.openwall.com/lists/oss-security/2020/11/12/2
lists	www.lists.apache.org/thread.html/rf3b50583fefce2810cbd37c3d358cbcd9a03e750005950bf54546194%40%3Cannounce.apache.org%3E
lists	www.lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

21 Nov 2024 04:32Current

5.7Medium risk

Vulners AI Score5.7

CVSS 24.3

CVSS 3.16.1

EPSS0.13981

CWE-79